Description

An SQL Injection vulnerability in Joomla! Core was reported on February 29, 2012 and affects Joomla 2.5.1, 2.5.0, 1.7.4 and all earlier 1.7.x variants.

Remediation

Users of these versions are strongly urged to upgrade to 2.5.2 immediately.

References

[20120301] - Core - SQL Injection

Related Vulnerabilities

Atlassian Jira Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2020-29453)

Apache Tomcat Other Vulnerability (CVE-2005-4703)

PHP Improper Input Validation Vulnerability (CVE-2008-3660)

Liferay Portal Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2024-26269)

Sqlite Use After Free Vulnerability (CVE-2019-5018)

Severity

High

Classification

CVE-2012-1116 CWE-89 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N CVSS:4.0/AV:N/AC:L/AT:N/PR:N/UI:N/VC:H/VI:H/VA:N/SC:N/SI:N/SA:N

Tags

Known Vulnerabilities SQL Injection