VULHUB ™

A SQL Injection Vulnerability has been discovered in the Joomla Module called com_blog_calendar. The Vulnerability is located in the index.php?option=com_blog_calendar&modid=xxx Parameter. Attackers are able to execute own SQL commands by usage of a GET Method Request with manipulated modid Value. Attackers are able to read Database information by execution of own SQL commands. ### DORKS (How to find the target) : inurl:/index.php?option=com_blog_calendar Or use your own Google Dorks :) ### Proof of Concept SQL Injection PoC : ``` http://[Site]/[Path]/index.php?option=com_blog_calendar&modid=['SQLi] ``` Screenshot (PoC) : http://i64.tinypic.com/2rqhhk4.png

A SQL Injection Vulnerability has been discovered in the Joomla Module called com_blog_calendar. The Vulnerability is located in the index.php?option=com_blog_calendar&modid=xxx Parameter. Attackers are able to execute own SQL commands by usage of a GET Method Request with manipulated modid Value. Attackers are able to read Database information by execution of own SQL commands. ### DORKS (How to find the target) : inurl:/index.php?option=com_blog_calendar Or use your own Google Dorks :) ### Proof of Concept SQL Injection PoC : ``` http://[Site]/[Path]/index.php?option=com_blog_calendar&modid=['SQLi] ``` Screenshot (PoC) : http://i64.tinypic.com/2rqhhk4.png