Joomla Component City Portal Blind SQL Injection Vulnerability

vendor:

Joomla Component City Portal

by:

Fl0riX

7.5

CVSS

HIGH

Blind SQL Injection

CWE

Product Name: Joomla Component City Portal

Affected Version From: N/A

Affected Version To: N/A

Patch Exists: NO

Related CWE: N/A

CPE: N/A

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: N/A

2020

Joomla Component City Portal Blind SQL Injection Vulnerability

An attacker can gain admin login credentials by exploiting a blind SQL injection vulnerability in the Joomla Component City Portal. The vulnerability can be exploited by appending a malicious SQL query to the URL. For example, an attacker can append 'and 1=0' to the URL to check if the query is valid. If the page loads without any errors, the query is valid and the attacker can append 'and 1=1' to the URL to gain access to the admin login credentials.

Mitigation:

Filter out malicious characters.

Source

Exploit-DB raw data:

<------------------- header data start ------------------- >
#########################################################################
#        Joomla Component City Portal Blind SQL Injection Vulnerability #                                     
#########################################################################
# author        : Fl0riX 

# Script Name    : Joomla Component City Portal

# Bug Type       : Blind SQL Injection

# Infection      : Admin login bilgileri al&#65533;nabilir.

# Demo Vuln.     : 
(-)
&#65533; http://server/index.php?option=com_content&task=view&id=36&Itemid=1 and 1=0
(+)
&#65533; http://server/index.php?option=com_content&task=view&id=36&Itemid=1 and 1=1

# Bug Fix Advice : Zararl&#65533; karakterler filtrelenmelidir.

#############################################################

< ------------------- header data end of ------------------- >

< -- bug code start -- >

path/index.php?option=com_content&task=view&id=36&Itemid=[Blind SQL]

< -- bug code end of -- >