Description

Joomla! CMS versions 3.1.0 through 3.2.2 are vulnerable to an SQL injection vulnerability if the default data is selected during installation.

Remediation

Upgrade to the latest version of Joomla!.

References

[20140301] - Core - SQL Injection

Related Vulnerabilities

WordPress Plugin WP iCommerce-the first interactive ecommerce for wordpress SQL Injection (1.1.1)

WordPress Plugin Side Menu-add fixed side buttons SQL Injection (3.1.3)

WordPress Plugin WordPress Photo Gallery by Gallery Bank SQL Injection (3.0.229)

WordPress Plugin WP-Board SQL Injection (1.1)

WordPress Plugin wpDataTables-WordPress Data Table, Dynamic Tables & Table Charts Multiple Vulnerabilities (1.2.2)

Severity

High

Classification

CWE-89 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N

Tags

SQL Injection