Joomla! Fabrik Component Unspecified SQL Injection Vulnerability

อีเมล พิมพ์ PDF
SHARE STORE:
Digg
 
SECUNIA ADVISORY ID:
SA45203

VERIFY ADVISORY:
Secunia.com
http://secunia.com/advisories/45203/
Customer Area (Credentials Required)
https://ca.secunia.com/?page=viewadvisory&vuln_id=45203

RELEASE DATE:
2011-07-13
DESCRIPTION:
A vulnerability has been reported in the Fabrik component for
Joomla!, which can be exploited by malicious people to conduct SQL
injection attacks.

Certain unspecified input is not properly sanitised before being used
in a SQL query. This can be exploited to manipulate SQL queries by
injecting arbitrary SQL code.

The vulnerability is reported in versions prior to 2.1.

SOLUTION:
Update to version 2.1.

PROVIDED AND/OR DISCOVERED BY:
The vendor credits Jeff Channell.

ORIGINAL ADVISORY:
http://fabrikar.com/blog/73-fabrik-21-released
You are here ข่าว - Joomla! ประกาศรูรั่วของส่วนเสริมต่างๆ Joomla! Fabrik Component Unspecified SQL Injection Vulnerability