ExploitFixes
Joomla JE Auto Component 1.0 SQL Injection Vulnerability 2010-12-09 15:15:12

JE Auto 1.0 SQL Injection Vulnerability

Name JE Auto
Vendor http://joomlaextensions.co.in/extensions/components/je-auto.html
Versions Affected 1.0

Author Salvatore Fresta aka Drosophila
Website http://www.salvatorefresta.net
Contact salvatorefresta [at] gmail [dot] com
Date 2010-12-09

X. INDEX

I. ABOUT THE APPLICATION
II. DESCRIPTION
III. ANALYSIS
IV. SAMPLE CODE
V. FIX


I. ABOUT THE APPLICATION
________________________

JE Auto is a commercial Joomla's component.


II. DESCRIPTION
_______________

A parameter is not properly sanitised before being used
in a SQL query.


III. ANALYSIS
_____________

Summary:

A) SQL Injection


A) SQL Injection
________________

Input passed to "char" parameter is not properly
sanitised before being used in a SQL query. This can be
exploited to manipulate SQL queries by injecting
arbitrary SQL code.

Successful exploitation requires that magic_quotes_gpc is
set to Off.


IV. SAMPLE CODE
_______________

A) SQL Injection

http://site/path/index.php?option=com_jeauto&catid=1&item=1&Itemid=3&view=item&char=' UNION SELECT 1,2,3,4,5,6,7,8,9,10,11,12,13,14%23


V. FIX
______

No fix.