CVE-2018-7314 Scanner

Joomla! is a widely used open-source content management system (CMS) utilized by individuals, small businesses, and large organizations for creating and managing websites. PrayerCenter is a third-party component for Joomla! that provides users with functionalities to manage and categorize prayer requests. It is commonly used by religious organizations and community groups to facilitate prayer request management on their Joomla! powered websites. Due to its integration with Joomla!, PrayerCenter is responsible for handling external inputs and converting them to database queries. This component is favored for its ease of use and ability to manage prayer submissions and approvals effectively. However, this integration also makes it vulnerable to certain types of web-based attacks if not properly secured.

The SQL Injection vulnerability found in the Joomla! Component PrayerCenter 3.0.2 version allows an attacker to manipulate database queries by injecting malicious SQL code via the sessionid parameter. This can compromise the application's database confidentiality, integrity, and availability. SQL Injection, often ranked highly in the Common Weakness Enumeration (CWE), indicates significant security risks when user inputs are improperly sanitized. Such vulnerabilities can lead to unauthorized data access, alteration, or even complete erasure of data. PrayerCenter's integration within Joomla! makes it susceptible to these injection risks, highlighting the need for input validation and parameterized queries.

The vulnerability detected here involves the manipulation of SQL queries through the sessionid parameter present in an HTTP GET request. The crafted URL uses an SQL payload that includes the EXTRACTVALUE function combined with a specific string to test and confirm the exploitability of the vulnerability. The lack of proper validation in the component’s query function allows input like SQL commands to be executed by the database server, providing an attacker with the ability to interact with the database arbitrarily. This technical weakness arises from improperly handled or sanitized inputs in the application layer, particularly in sections interacting with databases.

Exploitation of this SQL Injection vulnerability can have severe consequences. Attackers can gain unauthorized access to sensitive information stored in the databases of affected Joomla! websites. There is potential for data theft or destruction, evasion of application security, and even the deployment of further exploits on the system. Compromised systems could lead to loss of trust among users, financial repercussions, and legal liabilities for failing to safeguard confidential data. Damage could extend beyond data-related issues, potentially allowing system takeover or spread to other connected systems.

REFERENCES

• https://www.exploit-db.com/exploits/44160
• https://github.com/jweny/pocassistdb
• https://github.com/0ps/pocassistdb