Joomla SQL Injection Vulnerability Network Vulnerability

Summary

The host is running Joomla and is prone to SQL injection vulnerability.

Impact

Successful exploitation will allow remote attackers to execute arbitrary SQL commands in applications database and gain complete control over the vulnerable web application. Impact Level: Application

Solution

Upgrade to version 3.2.3 or later, For updates refer to http://www.joomla.org

Insight

The flaw is due to an improper validation of 'id' parameter passed to 'index.php' script.

Affected

Joomla version 3.2.1 and probably other versions.

Detection

Send a crafted exploit string via HTTP GET request and check whether it is possible to execute sql query.

References

http://www.exploit-db.com/exploits/31459/

Updated on 2017-03-28

Severity

Classification

CVSS	Base Score: 7.5 AV:N/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

A-A-S Application Access Server Multiple Vulnerabilities
AIOCP 'cp_html2xhtmlbasic.php' Remote File Inclusion Vulnerability
AdPeeps 'index.php' Multiple Vulnerabilities.
ActualAnalyzer Lite 'ant' Cookie Parameter Remote Command Execution Vulnerability
AWCM CMS Multiple Remote File Include Vulnerabilities

Take action and discover your vulnerabilities