Vendor: BF Quiz
By: Valentin Hoebel
CVSS: 7,5 (HIGH)
CWE: 89 (SQL Injection)
Product Name: BF Quiz
Affected Version From: 1.3.0
Affected Version To: 1.3.0
Patch Exists: NO
Related CWE: N/A
CPE: a:tamlyn_creative_pty_ltd:bf_quiz
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Debian, Apache2, MySQL 5
2010

Joomla Component BF Quiz SQL Injection Vulnerability

A SQL injection vulnerability exists in the Joomla component BF Quiz, version 1.3.0. The advisory's example URI shows the injection point in the catid parameter of the com_bfquiztrial component. An attacker can exploit this vulnerability by sending malicious SQL through that parameter, which can give the attacker access to sensitive information stored in the database.

Mitigation:

Developers should ensure that user-supplied input is properly sanitized and validated before being used in SQL queries.
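
With no patch listed for 1.3.0, operators can look for requests that probe this parameter in their web server logs. The following Python code is an added example, not part of the advisory or of BF Quiz: it scans Apache access-log lines for requests to com_bfquiztrial whose catid is not a plain integer. The integer-only rule for catid, the log format and the sample lines are assumptions made for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Apache common/combined log format: client, timestamp, request line, status.
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<target>\S+) [^"]*" (?P<status>\d{3})'
)
COMPONENT = "com_bfquiztrial"        # option value from the advisory's example URI
INT_RE = re.compile(r"[0-9]{1,10}")  # assumption: category ids are plain decimal integers


def suspicious_catid(target):
    """Return the non-integer catid values in a request target, or [] if clean."""
    query = parse_qs(urlsplit(target).query, keep_blank_values=True)
    if COMPONENT not in query.get("option", []):
        return []
    # parse_qs percent-decodes once; every repeated catid value is checked.
    return [v for v in query.get("catid", []) if not INT_RE.fullmatch(v)]


def scan(lines):
    """Return (ip, timestamp, status, bad_values) for each flagged log line."""
    hits = []
    for line in lines:
        m = LOG_RE.match(line)
        if not m:
            continue  # not an access-log line in the assumed format
        bad = suspicious_catid(m.group("target"))
        if bad:
            hits.append((m.group("ip"), m.group("ts"), int(m.group("status")), bad))
    return hits


# Constructed sample lines (documentation IP ranges), not real traffic.
SAMPLE_LOG = [
    '192.0.2.10 - - [29/May/2010:10:00:01 +0200] "GET /index.php?option=com_bfquiztrial&view=bfquiztrial&catid=3&Itemid=62 HTTP/1.1" 200 5120',
    '198.51.100.7 - - [29/May/2010:10:00:05 +0200] "GET /index.php?option=com_bfquiztrial&view=bfquiztrial&catid=3%27&Itemid=62 HTTP/1.1" 500 312',
    '198.51.100.7 - - [29/May/2010:10:00:09 +0200] "GET /index.php?option=com_bfquiztrial&catid=3&catid=x&Itemid=62 HTTP/1.1" 200 5120',
    '203.0.113.4 - - [29/May/2010:10:01:00 +0200] "GET /index.php?option=com_content&catid=abc HTTP/1.1" 200 900',
]

if __name__ == "__main__":
    for ip, ts, status, bad in scan(SAMPLE_LOG):
        print(f"{ts} {ip} status={status} non-integer catid={bad!r}")
```

Only query-string parameters appear in access logs, so a catid sent in a POST body is not covered by this check.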

Exploit-DB raw data:

# Exploit Title: Joomla Component BF Quiz SQL Injection Vulnerability
# Date: 29th May 2010
# Author: Valentin
# Category: webapps/0day
# Version: 1.3.0
# Tested on: Debian, Apache2, MySQL 5
# CVE :  
# Code : 


[:::::::::::::::::::::::::::::::::::::: 0x1 ::::::::::::::::::::::::::::::::::::::]
>> General Information 
Advisory/Exploit Title = Joomla Component BF Quiz SQL Injection Vulnerability
Author = Valentin Hoebel
Contact = valentin@xenuser.org


[:::::::::::::::::::::::::::::::::::::: 0x2 ::::::::::::::::::::::::::::::::::::::]
>> Product information
Name = BF Quiz
Vendor = Tamlyn Creative Pty Ltd
Vendor Website = http://www.tamlyncreative.com/software/
Affected Version(s) = 1.3.0

 
[:::::::::::::::::::::::::::::::::::::: 0x3 ::::::::::::::::::::::::::::::::::::::]
>> SQL Injection
Example URI = 
index.php?option=com_bfquiztrial&view=bfquiztrial&catid=[SQL Injection]&Itemid=62


[:::::::::::::::::::::::::::::::::::::: 0x4 ::::::::::::::::::::::::::::::::::::::]
>> Additional Information
Advisory/Exploit Published = 29th May 2010

I found this vulnerability while testing my new SQL injection vulnerability scanner.
(Will be released soon!)
Actually didn't find the vulnerability when I looked at this Joomla component for
the first time, lol.


[:::::::::::::::::::::::::::::::::::::: 0x5 ::::::::::::::::::::::::::::::::::::::]
>> Misc
Greetz && Thanks = inj3ct0r team, Exploit DB and hack0wn!
Special Greetz = cr4wl3r and /JosS!
<3 packetstormsecurity.org!


[:::::::::::::::::::::::::::::::::::::: EOF ::::::::::::::::::::::::::::::::::::::]