Vendor: Joomla Component OS Property Real Estate
By: Ihsan Sencan
CVSS: 9.8 (CRITICAL)
CWE: 89 (SQL Injection)
Product Name: Joomla Component OS Property Real Estate
Affected Version From: 3.12.7
Affected Version To: 3.12.7
Patch Exists: YES
Related CVE: CVE-2018-7319
CPE: a:joomdonation:joomla_component_os_property_real_estate
Metasploit: N/A
Other Scripts: N/A
Platforms Tested: WiN7_x64/KaLiLinuX_x64
Year: 2018
Joomla! Component OS Property Real Estate 3.12.7 – SQL Injection
A SQL injection vulnerability exists in Joomla! Component OS Property Real Estate 3.12.7. An attacker can send a specially crafted HTTP request containing malicious SQL statements to the vulnerable application in order to gain access to unauthorized information or to manipulate data. The vulnerable parameters are 'cooling_system1', 'heating_system1' and 'laundry', which are accepted by the advanced search at http://localhost/[PATH]/os-property-layouts/search-tools/advanced-search?&option=com_osproperty&task=property_advsearch.
Mitigation:
Developers should always use parameterized queries to prevent SQL injection attacks. Additionally, input validation should be performed to ensure that user-supplied data does not contain malicious SQL statements.
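As an added illustration of this mitigation in the component's own stack (hypothetical code, not the OS Property component's source), the following shows a search filter built by string concatenation next to the same filter built with Joomla 3's query builder. The table and column names (`#__osrs_properties`, `pro_name`) and the assumption that the three filters are numeric option ids are assumptions made for the example; Joomla 3 has no bind parameters for MySQLi, so the safe version relies on an allowlist of field names, an integer cast, and `quote()`/`quoteName()` for everything that reaches the SQL string.

```php
<?php
// Added illustration (hypothetical, not the OS Property component's code).
// Assumptions: the search filters are numeric option ids stored in an
// '#__osrs_properties' table; table and column names are placeholders.
defined('_JEXEC') or die;

// Vulnerable pattern: request values are spliced into the SQL string.
function searchPropertiesUnsafe()
{
    $db      = JFactory::getDbo();
    $input   = JFactory::getApplication()->input;
    // The STRING filter strips HTML tags; it does nothing for SQL.
    $cooling = $input->getString('cooling_system1', '');
    $heating = $input->getString('heating_system1', '');
    $laundry = $input->getString('laundry', '');

    // Whatever the client sends becomes part of the WHERE clause verbatim.
    $sql = "SELECT id, pro_name FROM #__osrs_properties WHERE 1 = 1"
         . " AND cooling_system1 = '$cooling'"
         . " AND heating_system1 = '$heating'"
         . " AND laundry = '$laundry'";
    $db->setQuery($sql);

    return $db->loadObjectList();
}

// Hardened pattern: only allowlisted fields become filters, each value is
// cast to int, and the query builder quotes identifiers and values, so
// request data can never change the shape of the statement.
function searchPropertiesSafe()
{
    $db    = JFactory::getDbo();
    $input = JFactory::getApplication()->input;
    $query = $db->getQuery(true)
        ->select($db->quoteName(['id', 'pro_name']))
        ->from($db->quoteName('#__osrs_properties'));

    foreach (['cooling_system1', 'heating_system1', 'laundry'] as $field) {
        $value = $input->getInt($field, 0); // non-numeric input becomes 0
        if ($value > 0) {
            $query->where($db->quoteName($field) . ' = ' . $db->quote($value));
        }
    }
    $db->setQuery($query);

    return $db->loadObjectList();
}
```

A quick regression check for a fix of this kind is to send a value containing a single quote for each of the three parameters and confirm the page returns normal (empty) results rather than a database error.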