The DBQuery component for Joomla! and Mambo is prone to a remote file-include vulnerability because it fails to sufficiently sanitize user-supplied input.
Exploiting this issue may allow an attacker to compromise the application and the underlying system; other attacks are also possible.
DBQuery 1.4.1 is vulnerable; other versions may also be affected
Source: securityfocus.com
Be the first to rate this post
- Currently 0/5 Stars.
- 1
- 2
- 3
- 4
- 5