Joomla! ‘index.php’ SQL injection vulnerability-vulnerability warning-the black bar safety net

2014-02-18T00:00:00
ID MYHACK58:62201442402
Type myhack58
Reporter 佚名
Modified 2014-02-18T00:00:00

Description

SSV-ID:6 1 4 5 9

Ranking Wiki contributions to vulnerability scanning to cloud storage VPS Mac

SSV-AppDir:Joomla vulnerability

Published: 2014-02-06

Vulnerability version:

Joomla! 3.2.1

Vulnerability description:

BUGTRAQ ID: 6 5 4 1 0

Joomla! Is the United States the Open Source Matters team developed a set of Open-Source content management system(CMS). The system provides RSS feeds, site search and other functions.

Joomla! In the presence ofSQL injectionvulnerability stems from a program using the SQL query statement does not sufficiently filter user-submitted input. An attacker can exploit the vulnerability control application, access or modify data, or the use of the underlying database potential vulnerability. Joomla! 3.2.1 version vulnerability exists in other versions may also be affected.

< * reference

> http://www.securityfocus.com/bid/65410 http://sebug.net/appdir/Joomla

*>

Test method:

http://www.example.com/Joomla_3.2.1/index.php/weblinks-categories?id=[SQL Injection]

Sebug Safety recommendations:

The current vendor does not provide a patch or upgrade procedure, we recommend the use of this software users follow the manufacturer's home page to get the latest version:

http://www.joomla.org/