BID:25508

Joomla! 1.5 Multiple Input Validation Vulnerabilities

Info

Joomla! 1.5 Multiple Input Validation Vulnerabilities

Bugtraq ID:	25508
Class:	Input Validation Error
CVE:	CVE-2007-4780 CVE-2007-4781 CVE-2007-4777
Remote:	Yes
Local:	No
Published:	Sep 01 2007 12:00AM
Updated:	Jul 05 2016 10:00PM
Credit:	The vendor disclosed the cross-site scripting vulnerability. Silentz discovered the SQL-injection vulnerability.
Vulnerable:	Joomla Joomla 1.5.0 Beta Joomla Joomla 1.5 RC1 Joomla Joomla 1.5 Beta 2

Not Vulnerable:	Joomla Joomla 1.5 RC2

Discussion

Joomla! 1.5 Multiple Input Validation Vulnerabilities

Joomla! is prone to multiple input-validation vulnerabilities because the application fails to sanitize user-supplied input. These issues include a cross-site scripting vulnerability and an SQL-injection vulnerability.

A successful exploit may allow an attacker to steal cookie-based authentication credentials, execute malicious script code in a user's browser, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

These issues are present in Joomla 1.5 prior to RC2.

Exploit / POC

Joomla! 1.5 Multiple Input Validation Vulnerabilities

To exploit a cross-site scripting vulnerability, an attacker entices an unsuspecting victim to follow a malicious URI. The attacker can exploit SQL-injection vulnerabilities through a browser.

The following exploit is available to demonstrate the SQL-injection vulnerability:

/data/vulnerabilities/exploits/25508.php

Solution / Fix

Joomla! 1.5 Multiple Input Validation Vulnerabilities

Solution:
The vendor has released Joomla 1.5 RC2 to address these issues. Please see the references for more information.

Joomla Joomla 1.5.0 Beta

Joomla Joomla-1.5RC.tar.bz2
http://joomlacode.org/gf/download/frsrelease/5422/15167/Joomla-1.5RC.t ar.bz2

Joomla Joomla 1.5 RC1

Joomla Joomla-1.5RC.tar.bz2
http://joomlacode.org/gf/download/frsrelease/5422/15167/Joomla-1.5RC.t ar.bz2

Joomla Joomla 1.5 Beta 2

Joomla Joomla-1.5RC.tar.bz2
http://joomlacode.org/gf/download/frsrelease/5422/15167/Joomla-1.5RC.t ar.bz2

References

Joomla! 1.5 Multiple Input Validation Vulnerabilities

References:

Joomla! 1.5 RC2 Endeleo Released - Happy Birthday Joomla! (Joomla!)
Joomla! Homepage (Joomla )
Multiple vulnerabilities in Joomla 1.5 RC 1 (Omid)