Blog and Help desk software

Joomla SQL Injection vulnerability

Matej Kukucka

Matej Kukucka

Last modified on October 29, 2020 at 4:48 pm

joomla sql injection vulnerability title

Trustwave SpiderLabs researcher Asaf Orpani has discovered an SQL injection vulnerability in versions 3.2 through 3.4.4 of Joomla, a popular open-source Content Management System (CMS).

The vulnerability allows users to get session identifier of the currently logged on administrator and gain complete administrator access to the system.

Trustwave recommends that you upgrade immediately to Joomla 3.4.5.

Joomla had a 6.6 percent share of the market for website CMSs as of October 20, 2015 according to W3Techs—second only to WordPress. Internet services company BuiltWith estimates that as many as 2.8 million websites worldwide use Joomla.

Matej Kukucka

Matej Kukucka

Head of Marketing

I am currently managing marketing efforts here at LiveAgent. I love SaaS products and according to my colleagues I am using too many browser extensions. Outside of my computer I play chess and drink too much coffee.

Our website uses cookies. By continuing we assume your permission to deploy cookies as detailed in our privacy and cookies policy.