The Joomla Directory Tree component suffers from a remote SQL injection vulnerability.
[+] Site : 1337day.com
[+] Support e-mail : submit[at]1337day.com
I'm Sid3^effects member from Inj3ct0r Team
Application: Joomla com_directorytree SQLi vulnerability
Date: 13/10/2011
Vendor URL: http://www.465-media.com/
Google Dork: inurl:com_directorytree
Author: Sid3^effects aKa HaRi
Contact: shell_c99@yahoo.com
#Big hugs : Th3 RDX,Sugar
#special thanks to : r0073r (inj3ct0r.com),L0rd CruSad3r,SeeMe,MaYur,MA1201,Sonic,gunslinger_,Sn!pEr.S!,cr1m1n4l
###############################################################################################################
Desc:
eTree is primarily an employee/staff listing component for Joomla! CMS, allowing you to list employees/staff by categories and sub categories. Ideal usage is for any organization that needs to have people in many categories and sub-categories. For instance:
* Non-Profits
* Teacher/PTA groups
* Girl Scout/Cub Scouts
* Churches/Religious Organizations
* Sports Teams
* Business - Large or Small
###############################################################################################################
Vulnerability: SQLi
http://www.target.com/demo/index.php?option=com_directorytree&view=displays&layout=user&user_id=[Sqli]&Itemid=4
http://www.target.com/demo/index.php?option=com_directorytree&view=displays&layout=category&id=[Sqli]&Itemid=2
###############################################################################################################
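A defender-side check for the two parameters listed above, as an added example that is not part of the original advisory: it scans web access logs for com_directorytree requests whose user_id or id value is not a plain integer. The integer-only rule, the Combined Log Format layout and the sample lines are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Parameters the advisory names as injectable in com_directorytree.
WATCHED_PARAMS = ("user_id", "id")
# Assumption: legitimate values are short decimal integers.
PLAIN_INT = re.compile(r"[0-9]{1,10}")
# Client address and request target from a Common/Combined Log Format line.
LOG_LINE = re.compile(r'^(\S+) .*?"(?:GET|POST|HEAD) (\S+) HTTP/[0-9.]+"')


def suspicious_params(target):
    """Return (param, decoded_value) pairs that are not plain integers."""
    query = parse_qs(urlsplit(target).query, keep_blank_values=True)
    if "com_directorytree" not in query.get("option", []):
        return []  # other components may use non-numeric ids legitimately
    return [(name, value)
            for name in WATCHED_PARAMS
            for value in query.get(name, [])
            if not PLAIN_INT.fullmatch(value)]


def scan_log(lines):
    """Return (line_number, client, param, value) for every flagged request."""
    findings = []
    for number, line in enumerate(lines, start=1):
        match = LOG_LINE.match(line)
        if not match:
            continue
        client, target = match.groups()
        for name, value in suspicious_params(target):
            findings.append((number, client, name, value))
    return findings


# Constructed sample log lines (documentation addresses, not real traffic).
SAMPLE_LOG = [
    '198.51.100.7 - - [13/Oct/2011:10:00:01 +0000] "GET /demo/index.php?option=com_directorytree&view=displays&layout=user&user_id=12&Itemid=4 HTTP/1.1" 200 5120',
    '203.0.113.9 - - [13/Oct/2011:10:00:05 +0000] "GET /demo/index.php?option=com_directorytree&view=displays&layout=user&user_id=12%27&Itemid=4 HTTP/1.1" 500 310',
    '203.0.113.9 - - [13/Oct/2011:10:00:09 +0000] "GET /demo/index.php?option=com_directorytree&view=displays&layout=category&id=abc&Itemid=2 HTTP/1.1" 200 4800',
    '198.51.100.7 - - [13/Oct/2011:10:00:12 +0000] "GET /demo/index.php?option=com_content&view=article&id=3-about HTTP/1.1" 200 9000',
]

if __name__ == "__main__":
    for finding in scan_log(SAMPLE_LOG):
        print(finding)
```

The same integer-only rule can be enforced in front of the application (for example in a WAF or reverse-proxy rule) while the component is unpatched or being removed.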