Sql Injection Weaknesses Found in Mambo, Joomla

Posted by dcparris on Jun 27, 2006 11:27 PM
By Netcraft
Mail this story
Web version

Potentially serious security flaws have been found in existing versions of the Mambo and Joomla content management systems, and developers of the two projects are advising users to install upgrades or security patches as soon as possible. Both programs are vulnerable to SQL injection attacks, which allow remote attackers to execute commands on the web server in by typing SQL code into form fields. Joomla is a fork of Mambo, with both programs derived from the same code base.

Full Story

Printed at http://lxer.com/module/newswire/view/63854/index.html