SECUNIA ADVISORY ID:
A vulnerability has been reported in the JEvents Search plugin for
Joomla, which can be exploited by malicious people to conduct SQL
Input passed to the "plgSearchEventsearch::onSearch()" method in
eventsearch.php is not properly sanitised before being used in a SQL
query. This can be exploited to manipulate SQL queries by injecting
arbitrary SQL code.
The vulnerability is reported in versions prior to 1.5.3b.
Update to version 1.5.3b or later.
PROVIDED AND/OR DISCOVERED BY:
Reported by the vendor.