joomla component The Estate Agent (com_estateagent) SQL injection Vulnerability

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : joomla component The Estate Agent (com_estateagent) SQL injection Vulnerability
# Published : 2012-04-10
# Author :
# Previous Title : MyClientBase v0.12 - Multiple Vulnerabilities
# Next Title : C4B XPhone UC Web 4.1.890S R1 XSS Vulnerability

##################################################
# Exploit Title: joomla component (com_estateagent) SQL injection Vulnerability
# Date: 10/04/2012
# Author: xDarkSton3x
# E-mail : xdarkston3x@msn.com
# Category:: webapps
# Google dork: inurl:"com_estateagent"
# Tested on: linux + windows
# Vendor link: http://www.eaimproved.eu/index.php
##################################################

[~]Exploit/p0c :
http://site.com/index.php?option=com_estateagent&Itemid=47&act=object&task=showEO&id=[sqli]

Greetz [ Rs4 - B4nz0k - FailRoot - FailSoft - W4rn1ng] - [ Malandrines Team  -  DiosdelaRed.Com - RemoteExecution ] [ Dedalo - Maztor ]