Joomla Component mod_spo SQL Injection Vulnerability

No description provided by source. Exploit Title: Simple Page Option LFI Google Dork: inurl:modspo Date: 15/07/2011 Author: SeguridadBlanca.Blogspot.com or SeguridadBlanca Software Link: http://joomlacode.org/gf/download/frsrelease/11841/47776/modspo1.5.16.zip Version: 1.5.x Tested on: Backtrack...

Joomla Simple Page Option Local File Inclusion

Simple Page Option – LFI Vulnerable-Code: $slang =& JRequest::getVar'spositelang'; fileexistsdirnameFILE.DS.'languages'.DS.$slang.'.php' ? includedirnameFILE.DS.'languages'.DS.$slang.'.php' : includedirnameFILE.DS.'languages'.DS.'english.php'; Vulnerable-Var: spositelang= Expl0iting:...