ID de Prueba:	1.3.6.1.4.1.25623.1.0.801829
Categoría:	Web application abuses
Título:	Joomla! Multiple SQL Injection Vulnerabilities
Resumen:	Joomla! is prone to multiple SQL injection vulnerabilities.
Descripción:	Summary: Joomla! is prone to multiple SQL injection vulnerabilities. Vulnerability Insight: The flaws are caused by improper validation of user-supplied input via the 'filter_order' and 'filter_order_Dir' parameters to 'index.php', which allows attacker to manipulate SQL queries by injecting arbitrary SQL code. Vulnerability Impact: Successful exploitation will allow attacker to cause SQL Injection attack and gain sensitive information. Affected Software/OS: Joomla! versions 1.5.x before 1.5.22 Solution: Upgrade to Joomla! 1.5.22 or later. CVSS Score: 7.5 CVSS Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P
Referencia Cruzada:	Common Vulnerability Exposure (CVE) ID: CVE-2010-4166 http://archives.neohapsis.com/archives/fulldisclosure/2010-10/0514.html http://yehg.net/lab/pr0js/advisories/joomla/core/1.5.21/sql_injection/sqli_%28filter_order_Dir%29_back.jpg http://yehg.net/lab/pr0js/advisories/joomla/core/1.5.21/sql_injection/sqli_%28filter_order_Dir%29_front.jpg http://yehg.net/lab/pr0js/advisories/joomla/core/1.5.21/sql_injection/sqli_(filter_order)_front.jpg http://openwall.com/lists/oss-security/2010/11/12/5 http://openwall.com/lists/oss-security/2010/11/12/6 http://secunia.com/advisories/42133 Common Vulnerability Exposure (CVE) ID: CVE-2010-4696 http://developer.joomla.org/security/news/9-security/10-core-security/323-20101101-core-sqli-info-disclosurevulnerabilities.html
Copyright	Copyright (C) 2011 Greenbone AG

Esta es sólo una de 146377 pruebas de vulnerabilidad en nuestra serie de pruebas. Encuentre más sobre cómo ejecutar una auditoría de seguridad completa. Para ejecutar una prueba gratuita de esta vulnerabilidad contra su sistema, regístrese ahora.