OSVDB ID: 44414 Title: Jom Comment Component for Joomla! Unspecified SQL Injection |
Info |
|
|
Dates |
||||
|
|
Description |
Security Assurance Team of the National Australia Bank have reported a vulnerability in the Jom Comment component for Joomla!, which can be exploited by malicious people to conduct SQL injection attacks. Input passed to unspecified parameters is not properly sanitised before being used in SQL queries. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. |
Classification |
Location:
Remote/Network Access Required
Attack Type: Input Manipulation Impact: Loss of Confidentiality, Loss of Integrity Solution: Upgrade Exploit: Exploit Unknown OSVDB: Web Related |
Solution |
Upgrade to version 2.2 or higher, as it has been reported to fix this vulnerability. An upgrade is required as there are no known workarounds. |
Products |
Unknown or Incomplete |
References |
Credit |
Unknown or Incomplete |