Joomla Multiple Components SQL Injection Vulnerabilities Network Vulnerability

Summary

This host is running Joomla with multiple components and is prone to SQL injection vulnerabilities.

Impact

Successful exploitation will let attackers to manipulate SQL queries by injecting arbitrary SQL code. Impact Level: Application.

Solution

For solution or patch refer the refer section. For updates refer to http://extensions.joomla.org/extensions/

Insight

For more information about vulnerability refer the references section.

Affected

Joomla Joostina component Joomla sgicatalog component Joomla Amblog component version 1.0 Joomla Clantools Component version 1.2.3 Joomla CamelcityDB component version 2.2 Joomla Clantools Component version 1.2.3 Joomla Restaurant Guide component version 1.0.0 Joomla Aardvertiser Component versions 2.1 and 2.1.1

References

http://packetstormsecurity.org/files/92305/joomlacamelcitydb2-sql.txt
http://packetstormsecurity.org/files/view/105704/joomlasgicatalog-sql.txt
http://secunia.com/advisories/40932
http://secunia.com/advisories/41322
http://www.exploit-db.com/exploits/14530/
http://www.exploit-db.com/exploits/14596/
http://www.exploit-db.com/exploits/14902/
http://www.exploit-db.com/exploits/15040/
http://www.exploit-db.com/exploits/15157/
http://xforce.iss.net/xforce/xfdb/62151

Updated on 2015-03-25

Severity

Classification

CVE CVE-2010-4865, CVE-2010-4902, CVE-2010-4927, CVE-2010-4928, CVE-2010-4929, CVE-2010-4937, CVE-2010-4945
CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

ArticleFR CMS 'id' Parameter SQL Injection Vulnerability
ActivePerl perlIS.dll Buffer Overflow
Apple Safari RSS Feed Information Disclosure Vulnerability
Adobe ColdFusion Authentication Bypass Vulnerability
ARRIS 2307 Unprotected Web Console

Take action and discover your vulnerabilities