Application : Visitors Google Map Lite 1.0.1 (FREE) (module:mod_visitorsgooglemap)
Developer : Serdar Gökkus
Compatibility : Joomla 1.5 Native
License : GPLv2 or later
Date Added : Sunday August 29, 2010 01:14:14
Download : 0d1K9s2c8@1M7q4)9K6b7g2)9J5c8W2)9J5c8Y4N6%4N6#2)9J5k6h3y4G2L8h3I4S2L8Y4c8A6M7#2)9J5k6h3y4G2L8g2)9J5c8X3c8G2N6$3&6D9L8$3q4V1i4K6u0r3k6r3!0U0i4K6g2X3k6r3!0%4L8X3I4G2j5h3c8Q4x3V1j5J5i4K6u0V1N6X3W2K6K9i4c8G2M7Y4y4Q4x3X3c8Y4L8$3!0Y4L8r3g2Q4x3X3c8E0j5i4m8Q4x3X3c8D9K9i4c8W2i4K6u0V1x3e0l9I4i4K6u0V1k6Y4u0W2k6g2)9J5k6h3S2@1L8h3H3`.
I. BACKGROUND
This extension tracks visitors of your site in real time and displays their
locations in Google Map. It uses three main technologies:
- Map API of Google
- AJAX
- IP geolocation API of IPInfoDB
Content of VisitorsGoogeMap Package:
This extension contains one Joomla Compoment and two Joomla Modules.
com_visitorsgooglemap: This component is responsible for the creation
database table during installation and remove
it clearly in case of uninstallation.
mod_visitorsgooglemap: This module is responsible for the display of
Google Map in desired module position in your
template and track the visitors of your Joomla
page in the map.
mod_visitorsgooglemap_agent: This module is responsible for the updating
visitors information in the database.
II. DESCRIPTION
Some sql injecton vulnerabilities exist in mod_visitorsgooglemap module .
III. ANALYSIS
The bug is in the following files, specifying the lines
/mod_visitorsgooglemap/map_data.php
[16] [if ($_GET['action'] == 'listpoints')
[17] {
[18] $lastMarkerID = $_GET['lastMarkerID'];
[19] ini_set('default_mimetype','text/xml'); // manchmal notwendig
[20] header ('Content-Type: text/xml'); // reicht nicht immer
[21] echo '<?xml version="1.0" ?>';
[22] echo '<xmlresponse>';
[23] $database =& JFactory::getDBO();
[24] $query = "SELECT * FROM #__visitorsgooglemap_location where id > $lastMarkerID order by id";
Explanation:As noted in the line [24] $ lastMarkerID
nowhere is filtered, which result in a query pede unexpected
