SECUNIA ADVISORY ID:
Manipulation of data
Flash Magazine Deluxe (component for Joomla!)
TurkGuvenligi has reported a vulnerability in the Flash Magazine
Deluxe component for Joomla!, which can be exploited by malicious
people to conduct SQL injection attacks.
Input passed via the "mag_id" parameter in index.php (when "option"
is set to "com_flashmagazinedeluxe") is not properly sanitised before
being used in SQL queries. This can be exploited to manipulate SQL
queries by injecting arbitrary SQL code.
Edit the source code to ensure that input is properly sanitised.
PROVIDED AND/OR DISCOVERED BY: