Joomla com_niceajaxpoll SQL Injection Exploits
The information has been provided by D4NB4R.
* Joomla com_niceajaxpoll version 1.3.0 and prior
+ — –=[ 0x01 – Software description
Nice Ajax Poll is a component for the Joomla! CMS which allows users to vote on certain questions or statements.
+ — –=[ 0x02 – Vulnerability description
There is a SQL Injection vulnerability that can be called from within the website to perform the SQL Injection attack.
+ — –=[ 0x03 – Impact
The impact of this vulnerability should be rated as critical as it is possible to access the database and therefore retreive user information such as usernames, passwords and other data. When abused, hackers could gain access to the administrative interface of Joomla.
+ — –=[ 0x04 – Affected versions
As of the source code, the version containint this vulnerability was version 1.3.0. It was not proven that the vulnerability does not exist in newer or earlier versions. Therfore the vulnerability is considered available in versions below 1.3.0.
+ — –=[ 0x05 – Vendor contact trail
Contact has not been made with the author. Author will receive a copy of the vulnerability disclosure.
+ — –=[ 0x06 – Proof of Concept (PoC)
there is a call to:
which is located on line 32. In practice this vulnerability has been verified by exploiting the following:
/index.php?option=com_niceajaxpoll&getpliseid=1 OR 1=1