Joomla! "id" Parameter SQL Injection Vulnerability

SECUNIA ADVISORY ID:
SA21665

VERIFY ADVISORY:
http://secunia.com/advisories/21665/

CRITICAL:
Less critical

IMPACT:
Manipulation of data

WHERE:
>From remote

SOFTWARE:
Joomla! 1.x
http://secunia.com/product/5788/

DESCRIPTION:
A vulnerability has been discovered in Joomla!, which can be
exploited by malicious users to conduct SQL injection attacks.

For more information:
SA21644

The vulnerability has been confirmed in version 1.0.10. Other
versions may also be affected.

SOLUTION:
Edit the source code to ensure that input is properly sanitised.

Grant only trusted users "Editor" privileges.

OTHER REFERENCES:
SA21644:
http://secunia.com/advisories/21644/

RECENT ARTICLE

RECENT POST