Joomla Face Gallery 1.0 Multiple Vulnerabilities

######################

# Exploit Title : Joomla Face Gallery 1.0 Multiple Vulnerabilities

# Exploit Author : Claudio Viviani

# Vendor Homepage : https://www.apptha.com

# Software Link : https://www.apptha.com/downloadable/download/sample/sample_id/150

# Dork Google: inurl:option=com_facegallery

# Date : 2014-09-17

# Tested on : Windows 7 / Mozilla Firefox
# Linux / Mozilla Firefox

######################

Joomla Spider Form Maker 3.4 and below SQL Injection

######################
# Exploit Title : Joomla Spider Form Maker <= 3.4 SQL Injection # Exploit Author : Claudio Viviani # Vendor Homepage : http://web-dorado.com/ # Software Link : http://web-dorado.com/products/joomla-form.html # Dork Google: inurl:com_formmaker # Date : 2014-09-07 # Tested on : Windows 7 / Mozilla Firefox # Linux / Mozilla Firefox ######################

Joomla Spider Contacts 1.3.6 and below SQL Injection vulnerability

######################

# Exploit Title : Joomla Spider Contacts <= 1.3.6 SQL Injection # Exploit Author : Claudio Viviani # Vendor Homepage : http://web-dorado.com/ # Software Link : http://web-dorado.com/?option=com_wdsubscriptions&view=dwnldfree&format=row&id=60 # Mirror Link : https://mega.co.nz/#!mJwlUahJ!fx7d1ZQszaD3-k66PjWQEBXQafJnEeRDEleN8jqbVOE # Dork Google: inurl:option=com_spidercontacts # Date : 2014-09-07 # Tested on : Windows 7 / Mozilla Firefox # Linux / Mozilla Firefox ######################

Joomla Spider Calendar 3.2.6 SQL Injection Exploit + Demo

######################

# Exploit Title : Joomla Spider Calendar <= 3.2.6 SQL Injection # Exploit Author : Claudio Viviani # Vendor Homepage : http://web-dorado.com/ # Software Link : http://extensions.joomla.org/extensions/calendars-a-events/events/events-calendars/22329 # Dork Google: inurl:option=com_spidercalendar # Date : 2014-08-31 # Tested on : Windows 7 / Mozilla Firefox # Linux / Mozilla Firefox ######################

Joomla Spider video player 2.8.3 SQL Injection

######################

# Exploit Title : Joomla Spider video player 2.8.3 SQL Injection

# Exploit Author : Claudio Viviani

# Vendor Homepage : http://web-dorado.com/

# Software Link : http://extensions.joomla.org/extensions/multimedia/multimedia-players/video-players-a-gallery/22321

# Dork Google: inurl:/component/spidervideoplayer
inurl:option=com_spidervideoplayer

# Date : 2014-08-26

# Tested on : Windows 7 / Mozilla Firefox
# Linux / Mozilla Firefox

######################