Saturday, September 25, 2010

Joomla TimeTrack 1.2.4 Component: Multiple SQL Injection Vulnerabilities

Users of the Joomla TimeTrack 1.2.4 component, please be advised that multiple SQL injection vulnerabilities have been identified.

To view this vulnerability, possible remedies, and others, please check out the Security Advisories at Critical Watch (http://criticalwatch.com/support/security-advisories.aspx).

Amplify’d from www.criticalwatch.com

TimeTrack-SA-09/22/2010: TimeTrack 1.2.4 Joomla Component Multiple SQL Injection Vulnerabilities

DESCRIPTION
_______________

Many numeric parameters are not properly sanitised before being used in a SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.
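
The bug class the advisory describes, as an added example that is not code from the advisory or from TimeTrack: a value placed in an unquoted numeric position is not protected by quote-escaping, while integer validation plus a bound parameter is. The table, data and function names are constructed, and PDO with in-memory SQLite stands in for Joomla's database layer.

```php
<?php
// Added illustration: schema, rows and function names are constructed,
// not taken from the TimeTrack component.
$db = new PDO('sqlite::memory:');
$db->setAttribute(PDO::ATTR_ERRMODE, PDO::ERRMODE_EXCEPTION);
$db->exec('CREATE TABLE entries (id INTEGER PRIMARY KEY, user_id INTEGER, note TEXT)');
$db->exec("INSERT INTO entries (user_id, note) VALUES (1, 'alice: mon'), (2, 'bob: tue')");

// Unsafe pattern: quote-escaping a value that lands in an unquoted numeric
// context. There is no quote to break out of, so the escaping changes nothing
// and the request value is parsed as part of the SQL statement.
function find_unsafe(PDO $db, string $raw): array {
    $escaped = str_replace("'", "''", $raw);
    $sql = "SELECT note FROM entries WHERE user_id = $escaped";
    return $db->query($sql)->fetchAll(PDO::FETCH_COLUMN);
}

// Hardened: accept only a positive integer, then bind it as a typed
// parameter so the value never becomes part of the SQL text.
function find_safe(PDO $db, string $raw): array {
    $id = filter_var($raw, FILTER_VALIDATE_INT, ['options' => ['min_range' => 1]]);
    if ($id === false) {
        throw new InvalidArgumentException('id must be a positive integer');
    }
    $stmt = $db->prepare('SELECT note FROM entries WHERE user_id = :id');
    $stmt->bindValue(':id', $id, PDO::PARAM_INT);
    $stmt->execute();
    return $stmt->fetchAll(PDO::FETCH_COLUMN);
}

// Constructed request values: one well-formed, one that alters the WHERE clause.
foreach (['1', '1 OR 1=1'] as $raw) {
    echo "input: $raw\n";
    echo '  unsafe rows: ' . count(find_unsafe($db, $raw)) . "\n";
    try {
        echo '  safe rows:   ' . count(find_safe($db, $raw)) . "\n";
    } catch (InvalidArgumentException $e) {
        echo '  safe: rejected (' . $e->getMessage() . ")\n";
    }
}
```

With the second input the unsafe function returns every row in the table, while the hardened function rejects the value before any query is built.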