Joomla Bible Study Component "id" SQL Injection

SECUNIA ADVISORY ID:
SA30492

VERIFY ADVISORY:
http://secunia.com/advisories/30492/

CRITICAL:
Moderately critical

IMPACT:
Manipulation of data, Exposure of sensitive information

WHERE:
>From remote

SOFTWARE:
Bible Study 6.x (component for Joomla)
http://secunia.com/product/18942/

DESCRIPTION:
Stack & Jadi have reported a vulnerability in the Bible Study
component for Joomla!, which can be exploited by malicious people to
conduct SQL injection attacks.

Input passed to the "id" parameter in the Joomla! installation's
index.php script (when "option" is set to "com_biblestudy" and "view"
to "mediaplayer") is not properly sanitised before being used in SQL
queries. This can be exploited to manipulate SQL queries by injecting
arbitrary SQL code.

Successful exploitation allows e.g. retrieving administrator
usernames and password hashes.

The vulnerability is reported in version 6.0.7b. Prior versions may
also be affected.

SOLUTION:
Update to version 6.0.7c.

PROVIDED AND/OR DISCOVERED BY:
Stack & Jadi

ORIGINAL ADVISORY:
Bible Study:
http://joomlacode.org/gf/project/biblestudy/news/?action=NewsThreadView&id=1454

Stack & Jadi:
http://milw0rm.com/exploits/5710

RECENT ARTICLE

RECENT POST