Joomla Third-Party Plugins Multiple Vulnerabilities

Description

Several vulnerabilities have been identified in third-party plugins for Joomla:

- MasterForms: SQL injection
- Bargain Product VM3: SQL injection in the product_id parameter
- Price Alert: SQL injection in the product_id parameter
- Twitch Tv: SQL injection
- Appointment: SQL injection
- Photo Contest: SQL injection
- OSDownloads: SQL injection
- Responsive Portfolio: SQL injection
- KissGallery: SQL injection
- SP Movie Database: SQL injection
- Component Joomanager: arbitrary file download
- Component Quiz Deluxe: SQL injection
- Component Huge-IT Portfolio Gallery: SQL injection
- Component Huge-IT Video Gallery: SQL injection
- Component Huge-IT Portfolio Gallery: SQL injection
- Pinboard: arbitrary file upload
- Survey Force Deluxe: SQL injection in the 'invite' parameter
- CheckList: SQL injection
- Event Registration Pro: SQL injection
- Realtyna RPL: SQL injection
- Easy Backup: database backup exposure (CVE-2017-2550)
- Hotornot2: arbitrary file upload

Proof-of-concept and exploit code is publicly available for these issues.

Update, 05/03/2018: the vulnerability affecting the Joomanager plugin is currently being exploited in the wild.

Update, 06/03/2018: the identifier CVE-2017-18345 has been assigned to the vulnerability in Component Joomanager.

Vulnerable Products

Vulnerable Software: Joomla (OSM Development Team) - 1.0, 1.0.1, 1.0.10, 1.0.11, 1.0.12, ..., 3.7.1, 3.7.2, 3.7.3, 3.7.4

Solution

Checklist version 1.1.1 fixes the vulnerability in that extension.

CVE

CVE-2017-2550
CVE-2017-18345

References

- 0day.today : Joomla MasterForms 1.0.3 Component - SQL Injection Vulnerability
http://0day.today/exploit/28371
- 0day.today : Joomla Bargain Product VM3 1.0 Component - product_id Parameter SQL Injection Vulnerability
http://0day.today/exploit/28370
- 0day.today : Joomla Price Alert 3.0.2 Component - product_id Parameter SQL Injection Vulnerability
http://0day.today/exploit/28369
- Joomla! Vulnerable Extensions List : Twitch Tv 1.1, SQL Injection
https://vel.joomla.org/vel-blog/2005-twitch-tv-1-1-sql-injection
- Joomla! Vulnerable Extensions List : Appointment v1.1, SQL Injection
https://vel.joomla.org/vel-blog/2003-appointment-v1-1-sql-injection
- 0day.today : Joomla Photo Contest 1.0.2 Component - SQL Injection Vulnerability
http://0day.today/exploits/28386
- 0day.today : Joomla OSDownloads 1.7.4 Component - SQL Injection Vulnerability
http://0day.today/exploits/28385
- 0day.today : Joomla Responsive Portfolio 1.6.1 Component - SQL Injection Vulnerability
http://0day.today/exploits/28384
- Joomla! Vulnerable Extensions List : KissGallery 1.0.0, SQL Injection
https://vel.joomla.org/vel-blog/2007-kissgallery-1-0-0-sql-injection
- Joomla! Vulnerable Extensions List : SP Movie Database 1.3, SQL Injection
https://vel.joomla.org/vel-blog/2006-sp-movie-database-1-3-sql-injection-sql-injection
- Exploit-DB : Joomla! Component Joomanager 2.0.0 - Arbitrary File Download
https://www.exploit-db.com/exploits/42590/
- Exploit-DB : Joomla! Component Quiz Deluxe 3.7.4 - SQL Injection
https://www.exploit-db.com/exploits/42589/
- Exploit-DB : Joomla Component Huge-IT Portfolio Gallery Plugin 1.0.6 - SQL Injection
https://www.exploit-db.com/exploits/42597/
- Exploit-DB : Joomla Component Huge-IT Video Gallery 1.0.9 - SQL Injection
https://www.exploit-db.com/exploits/42596/
- Exploit-DB : Joomla! Component Huge-IT Portfolio Gallery Plugin 1.0.7 - SQL Injection
https://www.exploit-db.com/exploits/42598/?rss
- CXSecurity : Joomla Pinboard Remote File Upload
https://cxsecurity.com/issue/WLB-2017090014
- Exploit-DB : Joomla! Component Survey Force Deluxe 3.2.4 - 'invite' Parameter SQL Injection
https://www.exploit-db.com/exploits/42606/
- Packet Storm Security : Joomla CheckList 1.1.0 SQL Injection
https://packetstormsecurity.com/files/143979/joomlachecklist110-sql.txt
- Joomla! Vulnerable Extensions List : Event Registration Pro 4.1.3, SQL Injection
https://vel.joomla.org/vel-blog/2012-event-registration-pro-4-1-3-sql-injection
- Joomla! Vulnerable Extensions List : Realtyna RPL, All versions, SQL Injection and Abandonware
https://vel.joomla.org/vel-blog/2016-realtyna-rpl-all-versions-sql-injection
- Vapid Labs : Joomla extension Easy Joomla Backup v3.2.4 database backup exposure
http://www.vapid.dhs.org/advisory.php?v=200
- CXSecurity : Joomla Hotornot2 Shell Upload
https://cxsecurity.com/issue/WLB-2017090057
- Joomla! Vulnerable Extensions List : Checklist by Joomplace 1.1.0, SQL Injection
https://vel.joomla.org/vel-blog/2021-checklist-by-joomplace-1-1-0-sql-injection
- Twitter : ankit_anubhav
https://twitter.com/ankit_anubhav/status/970673767750959104?s=11
- Joomla! Vulnerable Extensions List : Joomanager 2.0.0, Other
https://vel.joomla.org/vel-blog/2020-joomanager-2-0-0-other

Vulnerability Manager Detection

No

IPS Protection