← Advisories

Realtyna RPL 8.9.2 Joomla Extension Multiple SQL Injection Vulnerabilities

High
Advisory ID
ZSL-2015-5272
Release Date
22 October 2015
Vendor
Realtyna LLC - https://www.realtyna.com
Affected Version
8.9.2
CVE
CVE-2015-7714
Tested On
Apache, PHP/5.4.38
Summary

Realtyna CRM (Client Relationship Management) Add-on for RPL is a Real Estate CRM specially designed and developed based on business process and models required by Real Estate Agents/Brokers. Realtyna CRM intends to increase the Conversion Ratio of the website Visitors to Leads and then Leads to Clients.

Description

Realtyna RPL suffers from multiple SQL Injection vulnerabilities. Input passed via multiple POST parameters is not properly sanitised before being returned to the user or used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.

Proof of Concept
realtyna_sqli.txtTXT
Disclosure Timeline
05.10.2015Vulnerability discovered.
06.10.2015CVE-2015-7714 and CVE-2015-7715 assigned.
07.10.2015Contact with the vendor.
07.10.2015Vendor responded asking for details.
07.10.2015Advisory and details sent to the vendor.
08.10.2015Vendor confirms the vulnerability scheduling patch release date.
21.10.2015Vendor releases version 8.9.5 to address these issues.
22.10.2015Coordinated public security advisory released.
Credits
Vulnerability discovered by Bikramaditya Guha
High five to lqwrm and crash!
References
[1]http://rpl.realtyna.com/Change-Logs/RPL7-Changelog
[2]https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7714
[3]https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2015-7714
[4]https://cxsecurity.com/issue/WLB-2015100147
[5]https://www.exploit-db.com/exploits/38527/
[6]https://packetstormsecurity.com/files/134066
[7]https://exchange.xforce.ibmcloud.com/vulnerabilities/107582
Changelog
22.10.2015Initial release
24.10.2015Added reference [4], [5] and [6]
31.10.2015Added reference [7]