Joomla! Search Component Remote Command Execution Vulnerability

Joomla! is prone to a remote command-execution vulnerability because it fails to adequately sanitize user-supplied data.

Attackers can exploit this issue to execute arbitrary commands with the privileges of the affected application. Successful attacks may facilitate a compromise of the application and underlying webserver; other attacks are also possible.

Joomla! 1.5 beta 2 is reported vulnerable; prior versions may be affected as well. Note that the stable version 1.0.13 is not affected by this issue.


 

Copyright 2010, SecurityFocus