Joomla Component Joomnik Gallery SQL Injection Vulnerability

vendor:

Joomla com_joomnik

by:

SOLVER ~ Bug Researchers

7.5

CVSS

HIGH

SQL injection

CWE

Product Name: Joomla com_joomnik

Affected Version From: N/A

Affected Version To: N/A

Patch Exists: NO

Related CWE: N/A

CPE: N/A

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: N/A

2011

Joomla Component Joomnik Gallery SQL Injection Vulnerability

Admin Login Bilgileri Alinabilir. Example Vuln: [+]/index.php?option=com_joomnik&album=[EXPLOIT] [+] Dork: "com_joomnik" [+] Demo: http://site.com/index.php?option=com_joomnik&album=6'

Mitigation:

Zararli Karakterler Filtrenmelidir.

Source

Exploit-DB raw data:

<------------------- header data start ------------------- >
#############################################################
Joomla Component Joomnik Gallery SQL Injection Vulnerability                                      
#############################################################

# Author : SOLVER ~ Bug Researchers

# Date : 26.05.2011

# Greetz : DreamPower - CWKOMANDO - Toprak - Equ - Err0r - 10line

# Name : Joomla com_joomnik

# Bug Type : SQL injection

# Infection : Admin Login Bilgileri Alinabilir.

# Example Vuln :

[+]/index.php?option=com_joomnik&album=[EXPLOIT]

[+] Dork:"com_joomnik"

[+] Demo: http://site.com/index.php?option=com_joomnik&album=6'

# Bug Fix Advice : Zararli Karakterler Filtrenmelidir.
#############################################################
http://joomlacode.org/gf/project/joomnik/