Joomla component com_jinc (newsid) Blind SQL Injection Vulnerability

2009-09-21T00:00:00
ID SSV:18300
Type seebug
Reporter Root
Modified 2009-09-21T00:00:00

Description

No description provided by source.

                                        
                                            
                                                ---------------------------------------------------------------------------------
joomla component com_jinc (newsid) Blind SQL Injection Vulnerability
---------------------------------------------------------------------------------

Author          : Chip D3 Bi0s
Group           : LatiHackTeam
Email           : chipdebios[alt+64]gmail.com
Date            : 21 September 2009
Critical Lvl    : Moderate
Impact	        : Exposure of sensitive information
Where	        : From Remote
---------------------------------------------------------------------------

Affected software description:
~~~~~~~~~~~~~~~~~~~~~~~~~~~

Application     : JINC (Joomla! Integrated Newsletters Component)
version         : 0.2
Developer       : lhacky
License         : GPL            type  : Non-Commercial
Date Added      : 2 September 2009
Demo            : http://www.lhacky.org/jextensions/index.php?option=com_content&view=article&id=18:how-to-use&catid=12:jinc-documentation&Itemid=28

Download        : http://www.lhacky.org/jextensions/index.php?option=com_content&view=article&id=3&Itemid=15

Description     :

JINC (Joomla! Integrated Newsletters Component) is a easy-to-use and administer newsletter component for Joomla!.
Using JINC your website users can auto-subscribe and unsubscribe to newsletters you defined.

JINC includes classical newsletter functionalities

* Newsletter, messages and subscription management.
* TAG substitution inside the messages body.
* User auto-registration with welcome message at subscription time.
* Newsletter Disclaimer.
* HTML and Text Plain messages.
* Massive or personalized messages.
* Reports on message sending.
* Subscription creating user "on the fly".
* Message preview to message creator before sending to the newsletter subscribers


---------------------------------------------------------------------------


I.Blind SQL injection (newsid) Poc/Exploit:
~~~~~~~~~
http://127.0.0.1/[path]/index.php?option=com_jinc&view=messages&newsid=1[blind]


To make, you must be registered

+++++++++++++++++++++++++++++++++++++++
[!] Produced in South America
+++++++++++++++++++++++++++++++++++++++

# milw0rm.com [2009-09-21]