Joomla! Component onisQuotes 2.5 – ‘tag’ SQL Injection

• Exploit Database
• 13 阅读

• 作者： Persian Hack Team
  日期： 2017-02-11
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/41323/

• # Exploit Title: Joomla Component onisQuotes 2.5 - SQL Injection
  # Date: 2017-02-11
  # Home : https://extensions.joomla.org/extensions/extension/news-display/quotes/onisquotes/
  # Exploit Author: Persian Hack Team
  # Discovered by : Mojtaba MobhaM (kazemimojtaba@live.com)
  # Home : http://persian-team.ir/
  # Telegram Channel AND Demo: @PersianHackTeam
  # Tested on: Linux
  
  # POC :
  # tag Parameter Vulnerable to SQL Injection
  # http://www.Target.com/index.php?option=com_onisquotes&view=quotes&tag=[SQL]&Itemid=180
  
  # Greetz : T3NZOG4N & FireKernel & Milad Hacking And All Persian Hack Team Members
  # Iranian white hat Hackers