[20140301] - Core - SQL Injection

  • Project: Joomla!
  • SubProject: CMS
  • Severity: High
  • Versions: 3.1.0 through 3.2.2
  • Exploit type: SQL Injection
  • Reported Date: 2014-February-06
  • Fixed Date: 2014-March-06
  • CVE Number: Pending

Description

Inadequate escaping leads to SQL injection vulnerability.

Affected Installs

Joomla! CMS versions 3.1.0 through 3.2.2

Solution

Upgrade to version 3.2.3

Contact

The JSST at the Joomla! Security Center.

Reported By: ??
[20140301] - Core - SQL Injection

Read more http://feeds.joomla.org/~r/JoomlaSecurityNews/~3/xcttKR2_t_4/578-20140301-core-sql-injection.html

Contact us

Need a Joomla Expert?