Free Trial
Joomla SQL injection vulnerability LiveAgent
Help Desk

Joomla SQL Injection vulnerability

Andrej Csizmadia

Andrej Csizmadia

October 31, 2015
Last modified on October 29, 2020 at 4:48 pm

Trustwave SpiderLabs researcher Asaf Orpani has discovered an SQL injection vulnerability in versions 3.2 through 3.4.4 of Joomla, a popular open-source Content Management System (CMS).

The vulnerability allows users to get session identifier of the currently logged on administrator and gain complete administrator access to the system.

Trustwave recommends that you upgrade immediately to Joomla 3.4.5.

Joomla had a 6.6 percent share of the market for website CMSs as of October 20, 2015 according to W3Techs—second only to WordPress. Internet services company BuiltWith estimates that as many as 2.8 million websites worldwide use Joomla.

Andrej Csizmadia

Andrej Csizmadia

Growth Marketer

Andy is Growth Marketer at LiveAgent. Previously, he studied International Relations and Business Diplomacy and was active as a volunteer in the world's largest student run organization, AIESEC. Running, music and reading books are his favourite free-time activities.

Our website uses cookies. By continuing we assume your permission to deploy cookies as detailed in our privacy and cookies policy.