Description

An SQL Injection vulnerability in Joomla! Core was reported on February 29, 2012 and affects Joomla 2.5.1, 2.5.0, 1.7.4 and all earlier 1.7.x variants.

Remediation

Users of these versions are strongly urged to upgrade to 2.5.2 immediately.

References

[20120301] - Core - SQL Injection

Related Vulnerabilities

WordPress Resource Management Errors Vulnerability (CVE-2014-5265)

Moodle Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2013-4522)

PrestaShop Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-2517)

Joomla Improperly Controlled Modification of Object Prototype Attributes ('Prototype Pollution') Vulnerability (CVE-2019-11358)

phpMyFAQ Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-0308)

Severity

High

Classification

CVE-2012-1116 CWE-89 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N

Tags

Known Vulnerabilities SQL Injection