[High Alert] Joomla Ext JomEstate Pro

	Welcome, Guest. Please login or register. Did you miss your activation email? Login with username, password and session length	May 24, 2012, 09:12:19 AM

Web Hosting Forum | Lunarpages > Advanced Lunarpages Assistance > Lunarpages Security Center > Topic: [High Alert] Joomla Ext JomEstate Pro - SQL Injection

Pages: [1] Go Down

« previous next »

Author

Topic: [High Alert] Joomla Ext JomEstate Pro - SQL Injection (Read 1293 times)

Dragos

Administrator
Spacescooter Operator

Offline

Posts: 30

[High Alert] Joomla Ext JomEstate Pro - SQL Injection

« on: May 31, 2011, 10:05:59 AM »

Executive Summary: the Joomla Ext. jomEstate Pro has been reported to be vulnerable to a SQL Injection Attack. The affected version is 1.3.6 and potentially others.

Technical details: The "district" parameter in the search form does not properly sanitize its input.

Recommendation: currently the vendor of this - http://www.comdev.eu - does not list a new version or a patch. It is suggested that you make a full backup, including the database and contact the vendor for a patch.

Source: http://www.1337day.com/exploits/16135


	Logged

--
Dragos Gabriel Fedorovici
JSA Supervisor - System Administrator Team
Add2Net Inc., LunarPages Division

Pages: [1] Go Up

« previous next »

Jump to:

Share |

Powered by SMF 1.1.14 | SMF © 2006-2011, Simple Machines LLC
Lunarpages Web Hosting | Website Templates | Blog Hosting

Loading...