================================================================================ Joomla Component com_jvideoclip (cid|uid|id) Blind SQL Injection / SQL Injection ================================================================================ Author : SixP4ck3r Email & msn : SixP4ck3r@Bolivia.com Date : 21 Sept 2013 Critical Lvl : Medium Impact : Exposure of sensitive information Where : From Remote Blog : http://sixp4ck3r.blogspot.com/ Credits : To my love! Dork : inurl:com_jvideoclip --------------------------------------------------------------------------- [Exploting..Bug..Demo..] http://example/index.php?option=com_jvideoclip&view=search&type=user&uid=[SQLi]&Itemid=6 [Blind SQL Injection] http://example/index.php?option=com_jvideoclip&view=search&type=user&uid=[bSQLi]&Itemid=6 --------------------------------------------------------------------------- SixP4ck3r from Bolivia ___EOF____