Joomla releases patch for serious SQLi flaw

Joomla, a popular content management system, released patches on Thursday for a vulnerability that can allow an attacker to get full administrative access to a website.

Joomla versions 3.2 through 3.4.4 are vulnerable, and the latest version is 3.4.5.

The SQL injection flaw was found by Asaf Orphani, a researcher with Trustwave’s SpiderLabs, and Netanel Rubin of PerimeterX.

SQL injection flaws occur when a backend database executes a malicious query when it shouldn’t. The type of vulnerability is one of the most prevalent ones within web applications.

To read this article in full or to leave a comment, please click here

Read more: Joomla releases patch for serious SQLi flaw

Story added 23. October 2015, content source with full text you can find at link above.