Joomla eventcal组件1.6.4 com_eventcalSQL注入盲注漏洞
CVE: N/A
OSVDB-ID: N/A
Author: RoAd_KiLlEr
Published: 2010-07-03
Verified: No
view sourceprint?[~] Founded by **RoAd_KiLlEr**

[~] Team: Albanian Hacking Crew

[~] Contact: RoAd_KiLlEr[at]Khg-Crew[dot]Ws

[~] Download App:http://joomlacode.org/gf/project/eventcal/frs/

==========ExPl0iT3d by **RoAd_KiLlEr**==========

[+]Description:

eventCal is a calendar component for

Joomla!. It enables you to provide a

month, week and day-overview of events

to your users. If enabled, users will

be able to submit events from the

frontend of your site directly into the

calendar.

=========================================

[+] Dork: inurl:"com_eventcal"

==========================================

[+]. SQL-i Vulnerability

=+=+=+=+=+=+=+=+=+

[Exploit]: http://xiaoweio.cn/path/index.php?option=com_eventcal&Itemid=[BLIND SQL-i]

==========================================

[!] Albanian Hacking Crew

=======================================

[!] **RoAd_KiLlEr**

======================================

[!] MaiL: sukihack[at]gmail[dot]com

========================================

[!] Greetz To : Ton![w]indowS | X-n3t | b4cKd00r ~ | DarKHackeR. | The|DennY` | EaglE EyE | Lekosta | KHG | THE_1NV1S1BL3 & All Albanian/Kosova Hackers

===========================================

[!] Spec Th4nks: Inj3ct0r.com & r0073r | indoushka from Dz-Ghost Team | MaFFiTeRRoR | Sid3^effects | The_Exploited | And All My Friendz

================================

[!] Red n'black i dress eagle on my chest

It's good to be an ALBANIAN

Keep my head up high for that flag I die

Im proud to be an ALBANIAN

============================================