Description
Trustwave SpiderLabs researcher Asaf Orpani has discovered an SQL injection vulnerability in versions 3.2 through 3.4.4 of Joomla!, a popular open-source Content Management System (CMS). Combining that vulnerability with other security weaknesses, our Trustwave SpiderLabs researchers are able to gain full administrative access to any vulnerable Joomla site.
Remediation
Upgrade to Joomla! version 3.4.5.
References
Related Vulnerabilities
WordPress Plugin Yes/No Chart SQL Injection (1.0.11)
WordPress Plugin Users Ultra SQL Injection (1.3.58)
OpenX xajaxargs SQL injection vulnerability
WordPress Plugin Membership Simplified Multiple SQL Injection Vulnerabilities (1.58)
WordPress Plugin Photo Gallery by 10Web-Mobile-Friendly Image Gallery SQL Injection (1.3.50)