Joomla Shop SQL Injection

2011-05-25T00:00:00
ID PACKETSTORM:101660
Type packetstorm
Reporter ThunDEr HeaD
Modified 2011-05-25T00:00:00

Description

                                        
                                            `#########################################################################  
  
[+] Exploit Title :Joomla Component (com_shop) SQL Injection Vulnerability  
[~] Author : ThunDEr HeaD  
[~] Contact : thunderhead10@gmail.com  
[~] Date : 24-05-2011  
[~] HomePage : www.indishell.in  
[~] Version :  
[~] Tested on : Live SIte  
[~] Vulnerability Style : Joomla Component SQLi  
[~] Vendor: http://www.mudrait.com/  
#########################################################################  
  
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=  
<3 Love: -[SiLeNtp0is0n]-, stRaNgEr(lucky), inX_rOot, NEO H4cK3R, DarkL00k, Th3 RDX, G00g!3 W@rr!0r, Mahi ,  
eXeSoul, str1k3r, co0Lt04d , ATUL DWIVEDI , Jackh4xor  
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=  
  
  
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=  
......\m/ INDIAN CYBER ARMY \m/......  
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=  
  
  
  
Vulnerability:  
  
*SQL injection Vulnerability*  
  
  
[#] http://site/index.php?option=com_shop&task=viewproduct&editid=-38  
  
[#] http://site/index.php?option=com_shop&task=viewproduct&editid=[SQLi]  
  
  
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=  
=> PROUD TO BE AN INDIAN | Anythning for INDIA | JAI-HIND | Maa Tujhe Salam  
  
=> c0d3 for motherland, h4ck for motherland  
  
  
  
Enj0y! :D  
  
  
[#] DOne now time to rock \m/  
  
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~  
  
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=  
Bug discovered : 24 May 2011  
  
finish(0);  
-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=  
  
#End 0Day#  
`