Joomla! Component com_extcalendar - Blind SQL Injection

Author: Lagripe-Dz
type: webapps
platform: php
port: 
date_added: 2010-08-20  
date_updated: 2017-01-09  
verified: 1  
codes:   
tags:   
aliases:   
screenshot_url:   
application_url:   

raw file: 14694.txt  

0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0
   Joomla Component com_extcalendar Blind SQL Injection Vulnerability
1-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0
# Date: 20/08/2010                                                       0
# Author : Lagripe-Dz                                                   1
# contact : Lagripe-Dz@hotmail.com                                       8
# Home : Algeria                                                       1
# Category: webapps/0day                                               0
# Tested on: [ win xp sp2 ]                                               8
# Dork  allinurl:"com_extcalendar"                                       1
0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0

[+] Vulnerable File :
http://www.site.com/[PATH]/components/com_extcalendar/cal_popup.php?extmode=view&extid=[BLIND_SQL]

0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0
                 Greetz 2 Allah and Ramadan Karim
0-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=0