Joomla! TPJobs Component "id_c[]" SQL Injection Vulnerability 

SECUNIA ADVISORY ID:
SA38001

VERIFY ADVISORY:
http://secunia.com/advisories/38001/

DESCRIPTION:
A vulnerability has been reported in the TPJobs component for
Joomla!, which can be exploited by malicious people to conduct SQL
injection attacks.

Input passed to the "id_c[]" parameter in index.php (if "option" is
set to "com_tpjobs" and "task" is set to "resadvsearch") is not
properly sanitised before being used in SQL queries. This can be
exploited to manipulate SQL queries by injecting arbitrary SQL code.

SOLUTION:
Filter malicious characters and character sequences using a proxy.

PROVIDED AND/OR DISCOVERED BY:
FL0RiX

ORIGINAL ADVISORY:
http://www.exploit-db.com/exploits/10950

RECENT ARTICLE

RECENT POST

ลิงก์ที่เกี่ยวข้อง

ลิงก์อื่นๆ ที่เกี่ยวข้องกับจูมล่า