Vigil@nce: Joomla, SQL injection of com_bookjoomlas
April 2009 by Vigil@nce
SYNTHESIS OF THE VULNERABILITY
An attacker can generate a SQL injection in the com_bookjoomlas
extension of Joomla.
Severity: 2/4
Consequences: data reading, data creation/edition
Provenance: internet client
Means of attack: 1 attack
Ability of attacker: technician (2/4)
Confidence: unique source (2/5)
Diffusion of the vulnerable configuration: high (3/3)
Creation date: 10/04/2009
IMPACTED PRODUCTS
– Joomla!
DESCRIPTION OF THE VULNERABILITY
The BookJoomlas (com_bookjoomlas) extension provides a guestbook
for Joomla sites.
The sub_commententry.php script of BookJoomlas directly uses its
"gbid" parameter in a SQL query.
An attacker can therefore add SQL commands in the url in order to
obtain users’ passwords.
CHARACTERISTICS
Identifiers: BID-34392, CVE-2009-1263, VIGILANCE-VUL-8620
http://vigilance.fr/vulnerability/Joomla-SQL-injection-of-com-bookjoomlas-8620