Joomla SQL Injection Vulnerability Network Vulnerability

Summary

The host is running Joomla and is prone to SQL injection vulnerability.

Impact

Successful exploitation will allow remote attackers to execute arbitrary SQL commands in applications database and gain complete control over the vulnerable web application. Impact Level: Application

Solution

Upgrade to version 3.2.3 or later, For updates refer to http://www.joomla.org

Insight

The flaw is due to an improper validation of 'id' parameter passed to 'index.php' script.

Affected

Joomla version 3.2.1 and probably other versions.

Detection

Send a crafted exploit string via HTTP GET request and check whether it is possible to execute sql query.

References

http://www.exploit-db.com/exploits/31459/

Updated on 2017-03-28

Severity

Classification

CVSS Base Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P

Related Vulnerabilities

Apache Tomcat Windows Installer Privilege Escalation Vulnerability
b2ePMS Multiple SQL Injection Vulnerabilities
3Com OfficeConnect VPN Firewall Default Password Security Bypass Vulnerability
Admbook PHP Code Injection Flaw
ARRIS 2307 Unprotected Web Console

Take action and discover your vulnerabilities