SQL Injection zero-day in component ja-k2-filter-and-search of Joomla

8 years ago
October 19, 2016
0 replies
175 views

+54

Jasper_The_Rasper
Moderator
11578 replies

October 19, 2016 By Pierluigi Paganini

http://i0.wp.com/securityaffairs.co/wordpress/wp-content/uploads/2016/10/ja-k2-filter-and-search-Joomla-flaw-2.png?resize=726%2C400

Information Security experts have discovered an SQL injection zero-day vulnerability in Joomla component ja-k2-filter-and-search.

Information Security Researchers Dimitrios Roussis and Evangelos Apostoloudis have discovered an SQL injection vulnerability in component ja-k2-filter-and-search (https://www.joomlart.com/joomla/extensions/ja-k2-search) of Joomla, a popular open-source Content Management System (CMS).

This component has been used in various Joomla sites. Through the use of the sqlmap tool a malicious user is able to gain access to the website database revealing very critical or sensitive data in some cases

Full Article

Information Security experts have discovered an SQL injection zero-day vulnerability in Joomla component ja-k2-filter-and-search.

Reply

Related Topics

When I click on a link I get a warning "Your Connection is not Secure". First day and first time.

Webroot SecureAnywhere wins PCMag Editors Choice AGAIN!

USB Debugging Alerticon

How to Outsmart Online Tax Scams

Announcing Windows 10 Insider Preview Build 20197 (2021)

Sign up

Login to the community

Scanning file for viruses.

This file cannot be downloaded