Joomla Nice Talk Component “tagid” SQL Injection - Exabytes Security Portal

Categories

Applications (222)
Blogs (7)
Content Management (148)
Customer Relationship (2)
Discussion Boards (29)
E-Commerce (14)
General Purpose Directories (2)
Image Galleries (18)
Mailing Lists (1)
Tips (3)
Vulnerabilities (337)
Access Bypass (50)
Cross Site Scripting (123)
Denial Of Service (2)
File Inclusion (51)
Information Disclosure (15)
Privilege Escalation (2)
Remote Command Execution (16)
Session Hijacking (2)
SQL Injection (130)

Joomla Nice Talk Component “tagid” SQL Injection

Published by David September 21st, 2007 in SQL Injection.

Application: Joomla
Affected Version: Nice Talk 0.x.
Vendor’s URL: Nice Talk Homepage
Bug Type: SQL Injection Attacks
Risk Level: Critical

Solution:
- Edit the source code and ensure the input is sanitised.

0 Responses to “Joomla Nice Talk Component “tagid” SQL Injection”

Feed for this Entry Trackback Address

No Comments

Leave a Reply

You must login to post a comment.