Joomla SQL Injection Vulnerability

Trustwave SpiderLabs researcher Asaf Orpani has discovered an SQL injection vulnerability in versions 3.2 through 3.4.4 of Joomla, a popular open-source Content Management System (CMS).

The vulnerability allows users to get session identifier of the currently logged on administrator and gain complete administrator access to the system.

Trustwave recommends that you upgrade immediately to Joomla 3.4.5.

Joomla had a 6.6 percent share of the market for website CMSs as of October 20, 2015 according to W3Techs—second only to WordPress. Internet services company BuiltWith estimates that as many as 2.8 million websites worldwide use Joomla.

Niki Vajdova

Marketing Intern

Student at Faculty of management - Comenius University in Bratislava.

Our website uses cookies. By continuing we assume your permission to deploy cookies, as detailed in our privacy and cookies policy.