Joomla! Component Blog Calendar - SQL Injection

Author: X-Cisadane
type: webapps
platform: php
port: 
date_added: 2016-12-26  
date_updated: 2016-12-26  
verified: 0  
codes:   
tags:   
aliases:   
screenshot_url:   
application_url:   

raw file: 40966.txt  

==========================================================================================
Joomla com_blog_calendar SQL Injection Vulnerability
==========================================================================================

:-------------------------------------------------------------------------------------------------------------------------:
: # Exploit Title : Joomla com_blog_calendar SQL Injection Vulnerability
: # Date : 26th December 2016
: # Author : X-Cisadane
: # CMS Name : Joomla
: # CMS Developer : http://joomlacode.org/gf/project/blog_calendar/
: # Category : Web Application
: # Vulnerability : SQL Injection
: # Tested On : SQLMap 1.0.12.9#dev
: # Greetz to : X-Code YogyaFree, ExploreCrew, CodeNesia, Bogor Hackers Community, Borneo Crew, Depok Cyber, Mantan
:-------------------------------------------------------------------------------------------------------------------------:

A SQL Injection Vulnerability has been discovered in the Joomla Module called com_blog_calendar.
The Vulnerability is located in the index.php?option=com_blog_calendar&modid=xxx Parameter.
Attackers are able to execute own SQL commands by usage of a GET Method Request with manipulated modid Value.
Attackers are able to read Database information by execution of own SQL commands.

DORKS (How to find the target) :
================================
inurl:/index.php?option=com_blog_calendar
Or use your own Google Dorks :)

Proof of Concept
================

SQL Injection
PoC :
http://[Site]/[Path]/index.php?option=com_blog_calendar&modid=['SQLi]