united states of america usa  linkedinfacebookgoogle
  • Home
  • News
  • Joomla issues upgrade to patch critical SQL vulnerability

Joomla issues upgrade to patch critical SQL vulnerability

joomla logo

Joomla's developers have released a fix to critical SQL injection vulnerability in the 3.2.3 update, but still are coming under fire for taking a month to address the issue. According to ThreatPost, researchers at Sucuri have associated the SQL fix with a month-old vulnerability that was described at exploit-db.com.

The Scip vulnerability database provides this description: “Affected by this issue is an unknown function of the file /index.php/weblinks-categories.

"The manipulation of the argument id with the input value 0%20%29%20union%20select%20password%20from%20%60k59cv_users%60%20--%20%29 leads to a sql injection vulnerability. Impacted is confidentiality, integrity, and availability.”

So patch your Joomlas!

Tel: (786) 646-6461   |   Toll-Free: (877) 454-0758
18350 NW 2nd Ave, Ste 406E | Miami, FL33169