Description

An SQL Injection vulnerability in Joomla! Core was reported on February 29, 2012 and affects Joomla 2.5.1, 2.5.0, 1.7.4 and all earlier 1.7.x variants.

Remediation

Users of these versions are strongly urged to upgrade to 2.5.2 immediately.

References

[20120301] - Core - SQL Injection

Related Vulnerabilities

WordPress Plugin CSS & JavaScript Toolbox SQL Injection (9.2)

WordPress Plugin Q and A FAQ and Knowledge Base for WordPress Multiple SQL Injection Vulnerabilities (1.0.6.2)

WordPress Plugin SearchAutocomplete 'tags.php' SQL Injection (1.0.8)

WordPress Plugin WP Email Users SQL Injection (1.4.3)

WordPress Plugin Welcart e-Commerce Multiple SQL Injection Vulnerabilities (1.5.2)

Severity

High

Classification

CVE-2012-1116 CWE-89 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:C/C:H/I:H/A:N

Tags

Known Vulnerabilities SQL Injection