Mambo / Joomla SQL Injection Vulnerability Discovered

    Date: 08/28/06 (Java Web)    Keywords: sql

    Omid has discovered a vulnerability in Mambo & Joomla, which can be exploited by malicious users to conduct SQL injection attacks. Input passed to the “id” parameter when editing content isn’t properly sanitised before being used in a SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. Successful exploitation requires “Editor” [...]

    Source: http://blog.taragana.com/index.php/archive/mambo-joomla-sql-injection-vulnerability-discovered/

« Broadcasting Bloopers || Sayonara Pluto, Happy To... »


antivirus | apache | asp | blogging | browser | bugtracking | cms | crm | css | database | ebay | ecommerce | google | hosting | html | java | jsp | linux | microsoft | mysql | offshore | offshoring | oscommerce | php | postgresql | programming | rss | security | seo | shopping | software | spam | spyware | sql | technology | templates | tracker | virus | web | xml | yahoo | home