Joomla Guru Pro (com_guru) Component - SQL Injection

vendor:

Guru Pro

by:

s0nk3y

7,5

CVSS

HIGH

SQL Injection

CWE

Product Name: Guru Pro

Affected Version From: All

Affected Version To: All

Patch Exists: NO

Related CWE: N/A

CPE: N/A

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: Ubuntu 16.04

2016

Joomla Guru Pro (com_guru) Component – SQL Injection

Guru, allows you to create online courses easily! The Itemid parameter of the com_guru component is vulnerable to SQL Injection. A proof of concept is provided in the text, where an attacker can inject malicious SQL code into the Itemid parameter of the URL.

Mitigation:

No solution is available.

Source

Exploit-DB raw data:

# Exploit Title: Joomla Guru Pro (com_guru) Component - SQL Injection
# Exploit Author: s0nk3y
# Date: 14/07/2016
# Vendor Homepage: https://www.ijoomla.com
# Software Link: https://www.ijoomla.com/component/digistore/products/47-joomla-add-ons/119-guru-pro/189?Itemid=189
# Category: webapps
# Version: All
# Tested on: Ubuntu 16.04

1. Description

Turn your knowledge into dollars! Sell Your Courses Today!

Guru, allows you to create online courses easily! We believe that everyone is an expert in something. If you know something that others don't, there is no better time to profit from it. You can create a course about your topic and start generating income.

2. Proof of Concept

Itemid Parameter Vulnerable To SQL Injection

com_guru&view=gurupcategs&layout=view&Itemid=[SQL Injection]&lang=en

Demo :
http://server/index.php?option=com_guru&view=gurupcategs&layout=view&Itemid=123%27&lang=en