Joomla Spider Contacts 1.3.6 and below SQL Injection vulnerability

######################

# Exploit Title : Joomla Spider Contacts <= 1.3.6 SQL Injection # Exploit Author : Claudio Viviani # Vendor Homepage : http://web-dorado.com/ # Software Link : http://web-dorado.com/?option=com_wdsubscriptions&view=dwnldfree&format=row&id=60 # Mirror Link : https://mega.co.nz/#!mJwlUahJ!fx7d1ZQszaD3-k66PjWQEBXQafJnEeRDEleN8jqbVOE # Dork Google: inurl:option=com_spidercontacts # Date : 2014-09-07 # Tested on : Windows 7 / Mozilla Firefox # Linux / Mozilla Firefox ######################