Vendor: Directorix Directory Manager
By: Ihsan Sencan
CVSS: 8.8 (HIGH)
CWE: 89 (SQL Injection)
Product Name: Directorix Directory Manager
Affected Version From: 1.1.1
Affected Version To: 1.1.1
Patch Exists: NO
Related CWE: N/A
CPE: a:informafix:directorix_directory_manager:1.1.1
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Win7 x64, Kali Linux x64
2017

Joomla! Component Directorix Directory Manager v1.1.1 – SQL Injection

A SQL injection vulnerability exists in Joomla! Component Directorix Directory Manager v1.1.1. An attacker can send a specially crafted HTTP request to the vulnerable application in order to execute arbitrary SQL commands in the back-end database. This can potentially result in the manipulation or disclosure of arbitrary data.

Mitigation:

Developers should never construct SQL statements directly from user input. Instead, parameterized statements should be used in order to prevent SQL injection attacks. Additionally, input validation should be performed to ensure that only expected characters are accepted.
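
The mitigation above applied to an array request parameter such as search_categories[], as an added example (not the component's code and not from the advisory's author): every value is validated as an integer and then bound through one placeholder per value. The `entries` table, its columns and both function names are hypothetical, and PDO with an in-memory SQLite database is used so the script runs stand-alone.

```php
<?php
// Added example: table, columns and function names are hypothetical.

/** Keep only values that are plain non-negative integers; drop everything else. */
function clean_category_ids($raw): array
{
    if (!is_array($raw)) {
        return [];
    }
    $ids = [];
    foreach ($raw as $value) {
        // ctype_digit() accepts only non-empty strings made of 0-9, so nested
        // arrays, signs, whitespace, quotes and SQL keywords are all rejected.
        if (is_string($value) && ctype_digit($value) && strlen($value) <= 9) {
            $ids[] = (int) $value;
        }
    }
    return array_values(array_unique($ids));
}

/** Search by category with a parameterized IN list. */
function search_entries(PDO $db, $rawCategories): array
{
    $ids = clean_category_ids($rawCategories);
    if ($ids === []) {
        return []; // never emit "IN ()", which is a syntax error
    }
    // One "?" per validated value; the values travel separately from the SQL text.
    $placeholders = implode(',', array_fill(0, count($ids), '?'));
    $stmt = $db->prepare(
        "SELECT id, title FROM entries WHERE category_id IN ($placeholders) ORDER BY id"
    );
    $stmt->execute($ids);
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

// Constructed sample data in an in-memory SQLite database.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE entries (id INTEGER PRIMARY KEY, title TEXT, category_id INTEGER)');
$db->exec("INSERT INTO entries (title, category_id) VALUES ('Bakery', 1), ('Garage', 2), ('Clinic', 3)");

// Constructed request value, shaped as PHP exposes search_categories[] in $_GET.
$input = ['1', '3', 'not-a-number', ['nested']];
print_r(search_entries($db, $input));
```

Only the two integer values reach the query; the non-numeric string and the nested array are discarded before any SQL is built.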

Exploit-DB raw data:

# # # # # 
# Exploit Title: Joomla! Component Directorix Directory Manager v1.1.1 - SQL Injection
# Google Dork: inurl:index.php?option=com_directorix
# Date: 21.02.2017
# Vendor Homepage: http://informafix.fr/
# Software Buy: https://extensions.joomla.org/extensions/extension/directory-a-documentation/address-book/directorix-directory-manager/
# Demo: http://demo.informafix.fr/index.php?option=com_directorix
# Version: 1.1.1
# Tested on: Win7 x64, Kali Linux x64
# # # # # 
# Exploit Author: Ihsan Sencan
# Author Web: http://ihsan.net
# Author Mail : ihsan[@]ihsan[.]net
# # # # #
# SQL Injection/Exploit :
# http://localhost/[PATH]/index.php?option=com_directorix&view=entriessearch&search_categories[]=[SQL]
# # # # #