SQL Injection Vulnerability in Rapid Recipe Component for Joomla!
CVE-2008-2697

Currently unrated

Key Information:

Vendor: Joomla
Status: Com Rapidrecipe; Rapid Recipe
Vendor: CVE Published:; 13 June 2008

Badges

👾 Exploit Exists🟡 Public PoC

What is CVE-2008-2697?

The Rapid Recipe component for Joomla! contains a SQL injection vulnerability that allows remote attackers to execute arbitrary SQL commands. This issue arises specifically through the manipulation of the recipe_id parameter during the viewrecipe action within index.php, enabling unauthorized users to potentially gain access to sensitive database information.

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2008-2697 - Proof of Concept

References

https://exchange.xforce.ibmcloud.com/vulnerabilities/42924

vdb-entryx_refsource_XF

http://secunia.com/advisories/30566

third-party-advisoryx_refsource_SECUNIA

http://www.securityfocus.com/bid/29593

vdb-entryx_refsource_BID

Download the Critical Vulnerability Management Cheat Sheet

Timeline

🟡
Public PoC available
Jun 13, 2008
👾
Exploit known to exist
Jun 13, 2008
Vulnerability published
Jun 13, 2008
Vulnerability Reserved
Jun 13, 2008

CVE-2008-2697 Data

JSON