Description
Joomla! 1.6.0 is vulnerable to SQL injection. The filter_order and filter_order_Dir parameters were not properly sanitized. This could allow an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.
Remediation
Upgrade to Joomla! 1.6.1 or higher.
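An added example (not Joomla! code and not the 1.6.1 patch) of the usual defence for this class of flaw: filter_order and filter_order_Dir choose a list's sort column and direction, which cannot be bound as prepared-statement parameters, so each is mapped through a fixed allowlist. The table, column names and sample requests are constructed, and the demo assumes PHP's pdo_sqlite extension is available.

```php
<?php
// Added example; not Joomla! code. Table and column names are hypothetical.

// Columns the list view may sort by (request value => SQL identifier).
const SORTABLE_COLUMNS = [
    'title'   => 'a.title',
    'created' => 'a.created',
    'hits'    => 'a.hits',
];

/**
 * Build an ORDER BY clause from the filter_order / filter_order_Dir request
 * values. Identifiers and keywords cannot be bound as statement parameters,
 * so both values are mapped through fixed allowlists and the request strings
 * themselves never reach the SQL text.
 */
function buildOrderBy(?string $filterOrder, ?string $filterOrderDir): string
{
    // Unknown or missing column falls back to the default sort column.
    $column = SORTABLE_COLUMNS[$filterOrder ?? ''] ?? SORTABLE_COLUMNS['title'];
    // Anything other than DESC (case-insensitive) becomes ASC.
    $direction = strtoupper(trim($filterOrderDir ?? '')) === 'DESC' ? 'DESC' : 'ASC';
    return " ORDER BY $column $direction";
}

// Constructed sample requests: one expected, one with unexpected values.
$requests = [
    ['filter_order' => 'created', 'filter_order_Dir' => 'desc'],
    ['filter_order' => 'no_such_column', 'filter_order_Dir' => 'sideways'],
];

// Constructed in-memory table so the example runs offline.
$pdo = new PDO('sqlite::memory:');
$pdo->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$pdo->exec('CREATE TABLE articles (title TEXT, created TEXT, hits INTEGER, state INTEGER)');
$pdo->exec("INSERT INTO articles VALUES ('b', '2011-01-10', 5, 1), ('a', '2011-03-01', 9, 1)");

foreach ($requests as $req) {
    $sql = 'SELECT a.title FROM articles AS a WHERE a.state = :state'
         . buildOrderBy($req['filter_order'] ?? null, $req['filter_order_Dir'] ?? null);
    $stmt = $pdo->prepare($sql);      // data values are still bound as parameters
    $stmt->execute([':state' => 1]);
    echo $sql, ' => ', implode(',', $stmt->fetchAll(PDO::FETCH_COLUMN)), PHP_EOL;
}
```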