IDoBlog Component for Joomla! 'userid' Parameter SQLi

high Nessus Plugin ID 41645

Synopsis

The remote web server contains a PHP application that is affected by a SQL injection vulnerability.

Description

The version of the IDoBlog component for Joomla! running on the remote host is affected by a SQL injection vulnerability due to improper sanitization of user-supplied input to the 'userid' parameter in a GET request (when 'task' is set to 'profile') before using it to construct database queries. An unauthenticated, remote attacker can exploit this issue to manipulate database queries, resulting in disclosure of sensitive information, modification of data, or other attacks against the underlying database.

Solution

Unknown at this time.

Plugin Details

Severity: High

ID: 41645

File Name: idoblog_userid_sql_injection.nasl

Version: 1.17

Type: remote

Family: CGI abuses

Published: 9/25/2009

Updated: 4/11/2022

Configuration: Enable thorough checks

Supported Sensors: Nessus

Risk Information

VPR

Risk Factor: Medium

Score: 4.2

CVSS v2

Risk Factor: High

Base Score: 7.5

Vector: CVSS2#AV:N/AC:L/Au:N/C:P/I:P/A:P

CVSS v3

Risk Factor: High

Base Score: 7.3

Vector: CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L

Vulnerability Information

CPE: cpe:/a:joomla:joomla%5c%21

Required KB Items: www/PHP, installed_sw/Joomla!

Exploit Available: true

Exploit Ease: Exploits are available

Exploited by Nessus: true

Vulnerability Publication Date: 8/11/2009

Reference Information

CVE: CVE-2009-3417

BID: 80456

CWE: 89

SECUNIA: 36243