Description

Joomla! CMS versions 3.1.0 through 3.2.2 are vulnerable to an SQL injection vulnerability if the default data is selected during installation.

Remediation

Upgrade to the latest version of Joomla!.

References

[20140301] - Core - SQL Injection

Related Vulnerabilities

WordPress Plugin Entries For WPForms SQL Injection (1.4.0)

WordPress Plugin Users Ultra SQL Injection (1.5.15)

WordPress Plugin Visualizer:Tables and Charts Manager for WordPress SQL Injection (3.11.1)

WordPress Plugin AffiliateWP SQL Injection (1.5.6)

WordPress Plugin WP Maps-Display Google Maps Perfectly with Ease SQL Injection (4.1.4)

Severity

High

Classification

CWE-89 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N

Tags

SQL Injection