Description

Joomla! CMS versions 3.1.0 through 3.2.2 are vulnerable to an SQL injection vulnerability if the default data is selected during installation.

Remediation

Upgrade to the latest version of Joomla!.

References

[20140301] - Core - SQL Injection

Related Vulnerabilities

WordPress Plugin oQey Gallery 'gal_id' Parameter SQL Injection (0.4.8)

WordPress Plugin NEX-Forms-Ultimate Form builder Multiple SQL Injection Vulnerabilities (4.0)

WordPress Plugin Xllentech English Islamic Calendar SQL Injection (2.6.7)

WordPress Plugin WP Symposium A Social Network For WordPress Multiple SQL Injection Vulnerabilities (12.06.16)

WordPress Plugin GSEOR-WordPress SEO SQL Injection (1.3)

Severity

High

Classification

CWE-89 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N

Tags

SQL Injection