1. This site uses cookies. By continuing to use this site, you are agreeing to our use of cookies. Learn More.

Joomla releases patch for serious SQLi flaw

Discussion in 'CSO' started by RSS, Oct 23, 2015.

  1. RSS

    RSS New Member Member

    Joomla, a popular content management system, released patches on Thursday for a vulnerability that can allow an attacker to get full administrative access to a website.

    Joomla versions 3.2 through 3.4.4 are vulnerable, and the latest version is 3.4.5.

    The SQL injection flaw was found by Asaf Orphani, a researcher with Trustwave's SpiderLabs, and Netanel Rubin of PerimeterX.

    SQL injection flaws occur when a backend database executes a malicious query when it shouldn't. The type of vulnerability is one of the most prevalent ones within web applications.

    To read this article in full or to leave a comment, please click here

    Continue reading...

Share This Page