This host is installed with Joomla! component Inneradmission and is prone to sql injection vulnerability.

Successful exploitation will allow remote attackers to execute arbitrary SQL commands in applications database and gain complete control over the vulnerable web application. Impact Level: Application

No solution or patch is available as of 9th February, 2015. Information regarding this issue will updated once the solution details are available. For updates refer to http://www.joomla.org

The flaw is due to insufficient validation of 'id' HTTP GET parameter passed to 'index.php' script.

Inneradmission Extension for Joomla

Send a crafted data via HTTP GET request and check whether it is possible to execute sql query.

• http://packetstormsecurity.com/files/126062
• http://www.osvdb.org/105761

---

Updated on 2015-03-25