Injection: Joomla departments - SQL Injection
Identifier: joomla_department_sqli
Scanner(s) Support
| GraphQL Scanner | REST Scanner | WebApp Scanner | ASM Scanner |
|---|---|---|---|
Description
A parameter of the Joomla! com_departments component contains a SQL injection vulnerability, allowing attackers to obtain sensitive information from databases, modify data, and execute unauthorized administrative operations.
How we test: We test for SQL injection vulnerabilities in Joomla com_departments by injecting SQL payloads into the parameter and analyzing the responses to detect whether the injected SQL is executed.
Reference:
- https://github.com/opensec-cn/kunpeng/blob/master/plugin/json/joomla_departments_sqli.json
- https://github.com/w3bd0gs/cocoworker/blob/master/plugins/beebeeto/poc_2014_0170.py
Configuration
Example
Example configuration:
Reference
skip
Type : boolean
Skip the test if true.