Description
Trustwave SpiderLabs researcher Asaf Orpani has discovered an SQL injection vulnerability in versions 3.2 through 3.4.4 of Joomla!, a popular open-source Content Management System (CMS). Combining that vulnerability with other security weaknesses, our Trustwave SpiderLabs researchers are able to gain full administrative access to any vulnerable Joomla site.
Remediation
Upgrade to Joomla! version 3.4.5.
References
Related Vulnerabilities
WordPress Plugin Traffic Analyzer SQL Injection (3.4.2)
WordPress Plugin 404 to 301-Redirect, Log and Notify 404 Errors SQL Injection (2.0.2)
WordPress Plugin Welcart e-Commerce Multiple Vulnerabilities (1.4.17)
WordPress Plugin AdRotate-Ad manager & AdSense Ads SQL Injection (5.8.3.1)
WordPress Plugin WP-SpamFree Anti-Spam 'id' Parameter SQL Injection (3.2.1)