SECUNIA ADVISORY ID:
SA36607
VERIFY ADVISORY:
http://secunia.com/advisories/36607/
DESCRIPTION:
A vulnerability has been reported in Joomlub, which can be exploited
by malicious people to conduct SQL injection attacks.
Input passed via the "aid" parameter to index.php (if "option" is set
to "com_joomlub", "controller" and "view" are set to "auction", and
"task" is set to "edit") is not properly sanitised before being used
in SQL queries. This can be exploited to manipulate SQL queries by
injecting arbitrary SQL code.
SOLUTION:
Reportedly fixed. Contact the vendor for additional information.
PROVIDED AND/OR DISCOVERED BY:
599eme Man
ORIGINAL ADVISORY:
http://milw0rm.com/exploits/9593
DOWNLOAD
JOOMLA!
OUR NETWORK
Joomla Extensions, Joomla Templates
Joomla!® User Group Thailand
รับทำเว็บ Joomla, อบรบ Joomla
