CVE-2008-5864

This exploit demonstrates a blind SQL injection vulnerability in the Joomla component com_tophotelmodule. The vulnerability allows an attacker to inject SQL queries via the 'id' parameter, enabling information disclosure through boolean-based blind SQLi techniques.

The exploit demonstrates a blind SQL injection vulnerability in the Joomla component com_lowcosthotels via the 'id' parameter. It includes proof-of-concept URLs that can be used to extract database version information.

This exploit demonstrates a blind SQL injection vulnerability in the Joomla component com_hbssearch via the r_type parameter. The provided URLs show how to inject SQL queries to extract database information.

This Perl script exploits a SQL injection vulnerability in the Joomla com_5starhotels component by injecting a UNION-based query to extract admin credentials (username and password hash) from the jos_users table. The exploit uses LWP::UserAgent to send a crafted HTTP request and parses the response for MD5 hashes.