Joomla! JEXTN Membership 3.1.0 SQL Injection

Joomla! JEXTN Membership component version 3.1.0 suffers from a remote SQL injection vulnerability.


MD5 | 5f1419e50ed85b94dd410fc19bfd6d79

################################################
#Title: Joomla! JEXTN Membership 3.1.0 - SQL injection
#Credit: Bilal KARDADOU
#Vendor: http://www.jextn.com
#URL: https://extensions.joomla.org/extensions/extension/e-commerce/membership-a-subscriptions/jextn-membership/
#Product: 'Joomla! JEXTN Membership 3.1.0'
#Developer: jextn.com
#Last updated: Jan 05 2016
#Compatibility: 3.X
#Type: Paid download
################################################
#
# 1-GET -p [planid]
#
# http://127.0.0.1/joomla/index.php?option=com_jemembership&view=plans&task=plans.getSubscriptionplans&planid=6[SQLI]
#
# 2-POST -p [subscription1_periods]
#
# http://127.0.0.1/joomla/index.php/my-profile?view=registration
#
# subscription1_periods=2[SQLI]
#
# 3-POST -p [period_name]
#
# http://demo01.jextn.com/membership-demo/index.php/my-profile?view=registration
#
# period_name=2[SQLI]
#
# PoC:
# https://prnt.sc/hukhde
# https://prnt.sc/hukhue
# https://prnt.sc/huki0n
# https://prnt.sc/huki61
#
#Greetz to imad teb bernoussi lmkalkhine
# Bilal KARDADOU - https://www.linkedin.com/in/kardadou/
################################################
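
For defenders triaging this advisory, the following added example (not part of the original advisory and not JEXTN code) flags requests in which any of the three listed parameters carries something other than a plain integer. That legitimate values are plain decimal integers is an assumption drawn from the advisory's sample values; the function names and the sample requests are constructed for illustration.

```python
import re
from urllib.parse import urlsplit, parse_qsl

# Parameters named in the advisory. Treating their legitimate values as
# plain decimal integers is an assumption based on the advisory's samples.
NUMERIC_PARAMS = ("planid", "subscription1_periods", "period_name")
INT_RE = re.compile(r"[0-9]{1,10}")


def suspicious_params(url, body=""):
    """Return sorted names of advisory parameters whose value is not a plain integer.

    Both the query string and a form-encoded POST body are checked, after
    percent-decoding, so encoded quotes and spaces are seen as they reach PHP.
    Empty values are flagged as well.
    """
    pairs = parse_qsl(urlsplit(url).query, keep_blank_values=True)
    pairs += parse_qsl(body, keep_blank_values=True)
    return sorted({k for k, v in pairs
                   if k in NUMERIC_PARAMS and not INT_RE.fullmatch(v)})


# Constructed sample requests (method, URL, form body); not captured traffic.
SAMPLE_REQUESTS = [
    ("GET", "/joomla/index.php?option=com_jemembership&view=plans"
            "&task=plans.getSubscriptionplans&planid=6", ""),
    ("GET", "/joomla/index.php?option=com_jemembership&view=plans"
            "&task=plans.getSubscriptionplans&planid=6%27", ""),
    ("POST", "/joomla/index.php/my-profile?view=registration",
     "subscription1_periods=2&period_name=2"),
    ("POST", "/joomla/index.php/my-profile?view=registration",
     "subscription1_periods=2+OR+1%3D1&period_name=2"),
]


def scan(requests):
    """Return (index, flagged parameter names) for each request that fails the check."""
    hits = []
    for i, (_method, url, body) in enumerate(requests):
        flagged = suspicious_params(url, body)
        if flagged:
            hits.append((i, flagged))
    return hits


if __name__ == "__main__":
    for idx, names in scan(SAMPLE_REQUESTS):
        print(SAMPLE_REQUESTS[idx][0], SAMPLE_REQUESTS[idx][1], names)
```

POST bodies are usually absent from web server access logs, so the body check needs input from a WAF, reverse proxy or application-level request log.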
