Joomla! Core Multiple SQL Injection Vulnerabilities

Joomla! is prone to multiple SQL-injection vulnerabilities because it fails to sufficiently sanitize user-supplied data before using it in an SQL query.

Exploiting these issues could allow an attacker to compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

Note: This issue was previously titled 'Joomla! Core Multiple Unspecified SQL Injection Vulnerabilities'. The title and technical details have been changed to better reflect the underlying component affected.

Joomla! versions 3.2.0 through 3.4.4 are vulnerable.


Privacy Statement
Copyright 2010, SecurityFocus