Joomla! McQuiz Component “tid” SQL Injection

Published by TL Guan February 22nd, 2008 in Content Management and SQL Injection.

Application: Joomla! McQuiz Component
Affected Version: 0.9 Final and other versions.
Vendor’s URL: http://www.mcquizcomponent.com/
Bug Type: SQL Injection
Risk Level: Critical

Solution:
Edit the source code to ensure that input is properly sanitized.

Search

Entries RSS

Latest

vbDrupal Multiple Vulnerabilities
Mambo Two XSS Vulnerabilities
Vanilla Multiple Vulnerabilities
PHP Live Helper Multiple Vulnerabilities
vBulletin Private Message Subject Script Insertion
TinyCMS “config[template]” Local File Inclusion
Kayako SupportSuite Multiple Vulnerabilities
Drupal XSRF and Security Bypass
Drupal Multiple Vulnerabilities
IceBB “username” SQLi

Exabytes Security Portal

Categories

Joomla! McQuiz Component “tid” SQL Injection

Search

Subscribe

Latest

Archives