SNS Vulnerability

Joomla J2Store Extension SQL Injection Vulnerability Fixed by 3.1.7

Description

A SQL injection vulnerability has been identified in J2Store extension for Joomla.
A remote attacker can exploit it via "sortby" or "manufacturer_ids" parameters of "index.php" page in order to execute arbitrary SQL queries.
An exploitation code is available in the Metasploit framework.

Vulnerable Products

Vulnerable Software:
Joomla (OSM Development Team) - 3.0.0, 3.0.1, 3.0.2, 3.0.3, 3.0.4, ..., 3.4.0, 3.4.1, 3.4.2, 3.4.3, 3.5.1

Solution

Version 3.1.7 of J2Store fixes this vulnerability.

CVE

CVE-2015-6513

References

- Volatileminds : J2Store 3.1.6 SQL injection vulnerabilities
http://volatileminds.net/2015/07/07/j2store-316-sql-injection.html
J2Store : 3.1.7 released
http://j2store.org/download-j2store/j2store-v3-3-1-7.html
Volatile minds : J2Store 3.1.6 SQL injection vulnerabilities
http://volatileminds.net/2015/07/07/j2store-316-sql-injection.html

Vulnerability Manager Detection

IPS Protection

ASQ Engine alarm	Available Since
SQL injection Prevention - POST : suspicious SELECT statement in data	3.2.0
SQL injection Prevention - POST : possible version probing in data	3.2.0
SQL injection Prevention - POST : suspicious OPENQUERY statement in data	3.2.0
SQL injection Prevention - POST : suspicious CREATE statement in data	3.2.0
SQL injection Prevention - POST : suspicious UPDATE statement in data	3.2.0
SQL injection Prevention - POST : suspicious UNION statement in data	3.2.0
SQL injection Prevention - POST : suspicious DROP statement in data	3.2.0
SQL injection Prevention - POST : suspicious INSERT statement in data	3.2.0
SQL injection Prevention - POST : suspicious OR statement in data	3.2.0
SQL injection Prevention - POST : suspicious EXEC statement in data	3.2.0
SQL injection Prevention - POST : suspicious OPENROWSET statement in data	3.2.0
SQL injection Prevention - POST : suspicious DECLARE statement in data	3.2.0
SQL injection Prevention - POST : suspicious HAVING statement in data	3.2.0
SQL injection Prevention - POST : suspicious CAST statement in data	3.2.0
SQL injection Prevention - POST : suspicious UPDATE statement in data	5.0.0
SQL injection Prevention - POST : suspicious SELECT statement in data	5.0.0
SQL injection Prevention - POST : suspicious DECLARE statement in data	5.0.0
SQL injection Prevention - POST : suspicious OPENROWSET statement in data	5.0.0
SQL injection Prevention - POST : suspicious OPENQUERY statement in data	5.0.0
SQL injection Prevention - POST : suspicious CAST statement in data	5.0.0
SQL injection Prevention - POST : suspicious EXEC statement in data	5.0.0
SQL injection Prevention - POST : suspicious CREATE statement in data	5.0.0
SQL injection Prevention - POST : suspicious INSERT statement in data	5.0.0
SQL injection Prevention - POST : suspicious DROP statement in data	5.0.0
SQL injection Prevention - POST : suspicious HAVING statement in data	5.0.0
SQL injection Prevention - POST : suspicious UNION statement in data	5.0.0
SQL injection Prevention - POST : suspicious OR statement in data	5.0.0
SQL injection Prevention - POST : possible version probing in data	5.0.0

Risk level

Moderate

Vulnerability First Public Report Date

2015-07-08

Target Type

Server

Possible exploit

Remote