Joomla! Component JE Auto 1.0 – SQL Injection

• Exploit Database
• 9 阅读

• 作者： Salvatore Fresta
  日期： 2010-12-09
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/15714/

• JE Auto 1.0 SQL Injection Vulnerability
  
   NameJE Auto
   Vendorhttp://joomlaextensions.co.in/extensions/components/je-auto.html
   Versions Affected 1.0
  
   AuthorSalvatore Fresta aka Drosophila
   Website http://www.salvatorefresta.net
   Contact salvatorefresta [at] gmail [dot] com
   Date2010-12-09
  
  X. INDEX
  
   I.ABOUT THE APPLICATION
   II. DESCRIPTION
   III.ANALYSIS
   IV. SAMPLE CODE
   V.FIX
   
  
  I. ABOUT THE APPLICATION
  ________________________
  
  JE Auto is a commercial Joomla's component.
  
  
  II. DESCRIPTION
  _______________
  
  A parameter is not properly sanitised beforebeing used
  in a SQL query.
  
  
  III. ANALYSIS
  _____________
  
  Summary:
  
   A) SQL Injection
   
  
  A) SQL Injection
  ________________
  
  Inputpassed to "char"parameterisnotproperly
  sanitised before being used in a SQL query.Thiscan be
  exploitedtomanipulateSQL queries by injecting
  arbitrary SQL code.
  
  Successful exploitation requires that magic_quotes_gpc is
  set to Off.
  
  
  IV. SAMPLE CODE
  _______________
  
  A) SQL Injection
  
  http://site/path/index.php?option=com_jeauto&catid=1&item=1&Itemid=3&view=item&char=' UNION SELECT 1,2,3,4,5,6,7,8,9,10,11,12,13,14%23
  
  
  V. FIX
  ______
  
  No fix.