Support

Admin Tools

#16781 P‌ossib‌le SQ‌L inj‌ectio‌n Weblinks Component for Joomla!

Posted in ‘Admin Tools for Joomla! 4 & 5’
This is a public ticket

Everybody will be able to see its contents. Do not include usernames, passwords or any other sensitive information.

Environment Information

Joomla! version
n/a
PHP version
n/a
Admin Tools version
n/a

Latest post by nicholas on Wednesday, 17 July 2013 01:33 CDT

Tuesday, 16 July 2013 22:14 CDT

drew
Mandatory information about my setup:

Have I read the related troubleshooter articles above before posting (which pages?)? Yes
Have I searched the tickets before posting? Yes
Have I read the documentation before posting Unhacking Your Site & others? Yes
Joomla! version: Joomla! 2.5.11 Stable [ Ember ] 26-April-2013 14:00 GMT
PHP version: 5.3.26
MySQL version: 5.5.30-cll
Host: Inmotion Hosting
Admin Tools version: PRO 2.5.6

Description of my issue:

Hello Nicholas,
I do have the .htaccess maker on and working fine, as well as web application firewall, and Super Admin ID# changed.

I had a scan done by 6scan and they had reported:
P‌ossib‌le SQ‌L inj‌ectio‌n cou‌ld al‌low h‌acker‌s to ‌manip‌ulate‌,stea‌l and‌ dest‌roy y‌our d‌ata.
Affected URL: /index.php
Vulnerability Name: Weblinks Component for Joomla! index.php Itemid Parameter SQL Injection
And suggested adding this code to the index.php file:

if ( isset( $_GET['itemid']) ){ $filtered_var = mysql_escape_string( $_GET['itemid'] ); $_GET['itemid'] = $filtered_var;}
if ( isset( $_POST['itemid']) ){ $filtered_var = mysql_escape_string( $_POST['itemid'] ); $_POST['itemid'] = $filtered_var;}
if ( isset( $_REQUEST['itemid']) ){ $filtered_var = mysql_escape_string( $_REQUEST['itemid'] ); $_REQUEST['itemid'] = $filtered_var;}

I could be wrong, however, I believe the Joomla index.php file can not be modified 'by other' with the .htaccess maker in use and as long as there are NO other exceptions added except - Template, Akkeba Backup, Admin Tools Pro, Joomla Update.

Could you please correct me if I am wrong? And is it necessary to really add this code? Is it a problem within Joomla? Your opinion?

Thanks - Drew

Wednesday, 17 July 2013 01:33 CDT

nicholas
The scanning engine isn't worth a penny. They have "detected" that you're running Joomla! and assumed that you're using a vulnerable version from 3 years ago. For your info, here's the vulnerability report from three years ago. It was fixed before it was published.

I don't know what is worse with the scanner service you used. That it gives a false positive for am attack that is absolutely trivial to test for or that the solution they propose not only involves modifying core files (NEVER, EVER DO THAT!!!!!!!) in a way that actually BREAKS JOOMLA.

PS: If you are using Admin Tools and have enabled the SQLiShield option in the Configure WAF page even a vulnerable version of Joomla! would be safe. SQLiShield actively monitors incoming data for wht looks like SQL injection and block the request. The kind of SQL injection described in this old vulnerability is of course caught and blocked. This further corraborates to our suspicion that 6scan doesn't even scan anything at all.

So, my opinion is that 6scan is a load of hot, steamy cow manure. They present misleading and inacurate information to you in order to get $10 per month per site. What a scam!

Nicholas K. Dionysopoulos

Lead Developer and Director

🇬🇷Greek: native 🇬🇧English: excellent 🇫🇷French: basic • 🕐 My time zone is Europe / Athens
Please keep in mind my timezone and cultural differences when reading my replies. Thank you!

Support Information

Working hours: We are open Monday to Friday, 9am to 7pm Cyprus timezone (EET / EEST). Support is provided by the same developers writing the software, all of which live in Europe. You can still file tickets outside of our working hours, but we cannot respond to them until we're back at the office.

Support policy: We would like to kindly inform you that when using our support you have already agreed to the Support Policy which is part of our Terms of Service. Thank you for your understanding and for helping us help you!