Summary
This host is running the Joomla! Barter Sites component and is prone to an SQL injection vulnerability.
Impact
Successful exploitation allows attackers to perform SQL injection attacks and gain sensitive information.
Impact Level: Application.
Solution
Update to version 1.3.2 or later.
For updates, refer to http://www.barter-sites.com
Insight
The flaw is caused by improper validation of user-supplied input via the 'category_id' parameter to index.php (when 'option' is set to 'com_listing' and 'task' is set to 'browse'), which allows an attacker to manipulate SQL queries by injecting arbitrary SQL code.
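One way to review web server access logs for requests that hit the code path described above, as an added example that is not part of the original advisory: it flags index.php requests with option=com_listing and task=browse whose category_id is not a plain integer. The log lines are constructed samples, and treating category_id as a numeric identifier is an assumption.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Request line inside a combined-format access log entry.
REQUEST_RE = re.compile(r'"(?:GET|POST|HEAD) (\S+) HTTP/[\d.]+"')

# Constructed sample log lines (not taken from a real system).
SAMPLE_LOG = [
    '192.0.2.10 - - [01/Jan/2012:10:00:00 +0000] "GET /index.php?option=com_listing'
    '&task=browse&category_id=3 HTTP/1.1" 200 5120',
    '192.0.2.44 - - [01/Jan/2012:10:00:05 +0000] "GET /index.php?option=com_listing'
    '&task=browse&category_id=3%27 HTTP/1.1" 500 310',
    '192.0.2.44 - - [01/Jan/2012:10:00:09 +0000] "GET /index.php?option=com_content'
    '&view=article&id=3%27 HTTP/1.1" 200 800',
]


def suspicious_category_id(log_line):
    """Return the decoded category_id when the line is a com_listing 'browse'
    request whose category_id is not a plain integer; otherwise None."""
    match = REQUEST_RE.search(log_line)
    if not match:
        return None
    url = urlsplit(match.group(1))
    if not url.path.endswith("index.php"):
        return None
    # parse_qs URL-decodes values; keep blanks so an empty id is also seen.
    params = parse_qs(url.query, keep_blank_values=True)
    # PHP keeps the last occurrence of a repeated parameter, so check that one.
    if params.get("option", [""])[-1] != "com_listing":
        return None
    if params.get("task", [""])[-1] != "browse":
        return None
    for value in params.get("category_id", []):
        if not re.fullmatch(r"\d{1,10}", value):  # assumption: numeric id
            return value
    return None


def find_hits(lines):
    """Return (line_number, decoded_value) for every flagged log line."""
    hits = []
    for number, line in enumerate(lines, start=1):
        value = suspicious_category_id(line)
        if value is not None:
            hits.append((number, value))
    return hits
```

This only inspects the query string, so requests that carry the parameter in a POST body need the application or a WAF log instead.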
Affected
Joomla! Barter Sites Component Version 1.3
References
Severity
Classification
CVE: CVE-2011-4829, CVE-2011-4830
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P