Description

Joomla! CMS versions 3.1.0 through 3.2.2 are vulnerable to an SQL injection vulnerability if the default data is selected during installation.

Remediation

Upgrade to the latest version of Joomla!.

References

[20140301] - Core - SQL Injection

Related Vulnerabilities

WordPress Plugin Wordpress Membership SwiftCloud.io SQL Injection (1.0)

WordPress Plugin WP Symposium SQL Injection (15.5.1)

WordPress Plugin Youzify-BuddyPress Community, User Profile, Social Network & Membership for WordPress SQL Injection (1.2.5)

WordPress Plugin Sharebar Cross-Site Scripting and SQL Injection Vulnerabilities (1.2.1)

WordPress Plugin Welcart e-Commerce Multiple Vulnerabilities (1.3.12)

Severity

High

Classification

CWE-89 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N

Tags

SQL Injection