Joomla Component Sobi2 version 2.9.3.2 SQL Injection Vulnerability
# Exploit Title: SOBI2 2.9.3.2 Joomla! Component Blind SQL Injections
# Date: 13 July 2011
# Author: jdc
# Software Link: http://www.sigsiu.net
# Version: 2.9.3.2
# Fixed In: 2.9.4
# Verified: http://www.sigsiu.net/changelog as "# Bugfix: Blind SQL
injection"
Versions prior to 2.9.4 suffer from a blind sql injection in both the
"tag" and "letter" parameters. The request MUST reach
the site with these parameters urlencoded for the injection to succeed.
POSTDATA: option=com_sobi2&tmpl=component&tag=[Encoded SQL]
POSTDATA: option=com_sobi2&tmpl=component&letter=[Encoded SQL]
Updated release:
http://www.sigsiu.net/latest_news/sobi2_version_2.9.4_released.html
Lo sviluppatore ha rilasciato una versione aggiornata 2.9.4, si consiglia di eseguire l'aggiornamento all'ultima versione quanto prima.
Il 14 luglio 2011 è stata rilasciata un'ulteriore versione correttiva 2.9.4.1, segue il changelog
2.9.4.1 (14 Jul 2011)
# Bugfix: XSS Vulnerability in search function
2.9.4 (13 Jul 2011)
# Bugfix: Notices in Entry Manager if Status filter is set
# Bugfix: Warnings if searchword with apostrophes
# Bugfix: MySQL errors in fields manager if adding select list/chkbox group options with apostrophe or backslash if magic quotes off
# Bugfix: Deselecting checkboxes while editing an entry
# Bugfix: Wrong (or no) relation ordering with MySQL 5.5.x
# Bugfix: Decimals and Currency for total amount in payment email
# Bugfix: Blind SQL injection
# Bugfix: Escaped character(s) in Meta Keywords/Tags
# Bugfix: Missing catid after saving new entry
# Bugfix: Sender of admin emails
# Bugfix: Checkbox group as required field
# Bugfix: Waysearch-URL not HTML valid
