The Joomla Soft component suffers from a remote SQL injection vulnerability.
77bc3ab293fb20dc85d7f0bf1bc6716d9feee207f00c2467342b0e7b844136e1
#############################################################
[#] Application Name : Joomla (com_soft)
[#] Type : SQL Injection
[#] author : Skte_vahshat
[#] Google Dork : index.php?option=com_soft
[#] E-mail: skote.vahshat@gmail.com
[#] http://www.sthst.com/index.php?option=com_soft&cid=3
#############################################################
< ------------------- header data end of ------------------- >
heloo new bug in joomla
--------------------------------------------------
<?php
$id= $_GET[id];
....
$yasak = array("\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\"", "\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\\", "/", "*", "", "=", "-
", "#", ";", "<", ">", "+", "%");
$id = str_replace($yasak, "", $id);
$query= "SELECT * FROM users WHERE id= .$id." ;"
...
?>