Joomla! Component com_wmtpic 1.0 – SQL Injection - 体验盒子

作者： RoAd_KiLlEr

日期： 2010-06-30

类别：

webapps

平台：

php

来源：https://www.exploit-db.com/exploits/14128/

1########################################### 1
0I'm **RoAd_KiLlEr**member from Inj3ct0r Team1
1########################################### 0
0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1

[+]Title : JoomlaComponentcom_wmtpicSQL Injection Vulnerability
[+]Author: **RoAd_KiLlEr**
[+]Contact : RoAd_KiLlEr[at]Khg-Crew[dot]Ws
[+]Tested on : Win Xp Sp 2/3
---------------------------------------------------------------------------
[~] Founded by **RoAd_KiLlEr**
[~] Team: Albanian Hacking Crew
[~] Contact: RoAd_KiLlEr[at]Khg-Crew[dot]Ws 
[~] Home: http://a-h-crew.net
[~] Vendor: http://www.webmaster-tips.net
[~] Download App:http://www.webmaster-tips.net/Download/View-details/9-Joomla-Components/183-Joomla-1.5-Flash-Gallery-wmtPic.html
==========ExPl0iT3d by **RoAd_KiLlEr**==========

[+]Description:
Flash based image gallery for Joomla. Joomla component wmtPic, with thumbnail support, caption and multiple file upload option. Although it is not a must, it is better to put a link back to this site "Joomla component by Webmaster-tips.net " on your website if you can. This Joomla 1.5 Component is licensed under the GPLv2.0.

=========================================

[+] Dork: inurl:"com_wmtpic"

==========================================


[+].SQL-i Vulnerability
=+=+=+=+=+=+=+=+=+

[Exploit]:http://127.0.0.1/path/index.php?option=com_wmtpic&Itemid=[] <== SQL-i