Joomla! 'index.php' SQL Injection Vulnerability
BID:52549
Info
Joomla! 'index.php' SQL Injection Vulnerability
| Bugtraq ID: | 52549 |
| Class: | Input Validation Error |
| CVE: | |
| Remote: | Yes |
| Local: | No |
| Published: | Mar 18 2012 12:00AM |
| Updated: | Mar 18 2012 12:00AM |
| Credit: | Alejandro Ramos |
| Vulnerable: |
Joomla Joomla! 2.5 |
| Not Vulnerable: |
Joomla Joomla! 2.5.1 |
Discussion
RETIRED: Joomla! 'index.php' SQL Injection Vulnerability
Joomla! is prone to an SQL-injection vulnerability because because it fails to sufficiently sanitize user-supplied data.
A successful exploit may allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
This BID is being retired as a duplicate of the issue discussed in BID 52312 (Joomla! 'redirect.php' SQL Injection Vulnerability).
Joomla! is prone to an SQL-injection vulnerability because because it fails to sufficiently sanitize user-supplied data.
A successful exploit may allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.
This BID is being retired as a duplicate of the issue discussed in BID 52312 (Joomla! 'redirect.php' SQL Injection Vulnerability).
Exploit / POC
RETIRED: Joomla! 'index.php' SQL Injection Vulnerability
An attacker can exploit the issue using a browser.
The following exploit code is available:
An attacker can exploit the issue using a browser.
The following exploit code is available:
Solution / Fix
RETIRED: Joomla! 'index.php' SQL Injection Vulnerability
Solution:
Updates are available; please see the references for details.
Solution:
Updates are available; please see the references for details.