Lunarpages Web Hosting Forum

Author Topic: [High Alert] Joomla Ext Joomnik - SQL Injection  (Read 2970 times)

Offline Dragos

  • Intergalactic Superstar
  • *****
  • Posts: 125
    • Lunarpages
[High Alert] Joomla Ext Joomnik - SQL Injection
« on: May 31, 2011, 09:07:36 AM »
Executive Summary: The Joomla Ext. Joomnik Gallery Component is vulnerable to SQL Injection Attacks. The effected version is 0.9 and possibly others.

Technical Details: The "album" parameter to Index.php does not properly sanitize its input.

Recommendation: ontact the Developer for an updated version or discontinue use in favor of another Gallery Component.
--
Dragos Gabriel Fedorovici
System Administrator I - Add2Net Inc., LunarPages Division

Website: www.lunarpages.com
Email: support@lunarpages.com
Phone: 1-714-521-8150