SQL Injection Vulnerability in Joomla! Component by Prince Clan Chess Club
CVE-2008-0761

Currently unrated

Key Information:

Vendor: Joomla
Status: Com Pcchess
Vendor: CVE Published:; 13 February 2008

Badges

👾 Exploit Exists🟡 Public PoC

What is CVE-2008-0761?

An SQL injection vulnerability exists in the index.php file of the Prince Clan Chess Club component for Joomla!, which allows remote attackers to execute arbitrary SQL commands. This vulnerability specifically arises from improper handling of the user_id parameter in the players action, encouraging attackers to manipulate database queries and potentially compromise the security of the Joomla! installation.

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2008-0761 - Proof of Concept

References

https://www.exploit-db.com/exploits/5104

exploitx_refsource_EXPLOIT-DB

http://www.securityfocus.com/bid/27761

vdb-entryx_refsource_BID

https://exchange.xforce.ibmcloud.com/vulnerabilities/40436

vdb-entryx_refsource_XF

Download the Critical Vulnerability Management Cheat Sheet

Timeline

🟡
Public PoC available
Feb 13, 2008
👾
Exploit known to exist
Feb 13, 2008
Vulnerability published
Feb 13, 2008
Vulnerability Reserved
Feb 13, 2008

CVE-2008-0761 Data

JSON