Joomla! 1.6.0 SQL injection vulnerability

Description

Joomla! 1.6.0 is vulnerable to an SQL Injection vulnerability. Parameters (filter_order, filer_order_Dir) were not properly sanitized, leading to an SQL Injection vulnerability. This could an attacker to inject or manipulate SQL queries in the back-end database, allowing for the manipulation or disclosure of arbitrary data.

Remediation

Upgrade to Joomla! 1.6.1 or higher.

References