[VIM] Joomla Component com_marketplace 1.3.1 (catid) SQL Injection Vuln
George A. Theall
theall at tenablesecurity.com
Wed Nov 12 14:39:42 UTC 2008
Has anyone looked at milw0rm 7097 yet? It concerns a SQL injection
issue in the Marketplace component for Joomla. The issue seems to
have been covered already by milw0rm 5055. The only difference is that
7097 supposedly affects a more recent version of the component.
Also, I don't think 1.3.1 is vulnerable. Looking at the source for
that version (both downloaded from the link in 7097 and that I had
downloaded last February) shows that 'catid' is sanitized in
'show_category.php' by a call to intval() before its value is used in
any SQL queries. What am I missing?
George
--
theall at tenablesecurity.com
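The two code paths George contrasts, as an added PHP example that is not from the VIM post, the milw0rm advisories or the com_marketplace source: the component's real query text and Joomla database calls are not on the page, so the table, the SQLite fixture and the request value below are constructed here.

```php
<?php
// Added example (not from the VIM post or the com_marketplace source).
// Models the 'catid' handling discussed above. The component's actual
// query and Joomla database calls are not on the page, so the query,
// table name and in-memory SQLite fixture are constructed here.

$db = new PDO('sqlite::memory:');
$db->exec("CREATE TABLE categories (id INTEGER PRIMARY KEY, name TEXT)");
$db->exec("INSERT INTO categories VALUES (1, 'Books'), (2, 'Software')");

// The pattern milw0rm 5055 / 7097 describe: the request value is spliced
// straight into the SQL text, so whatever it contains becomes part of
// the statement. Built but deliberately not executed here.
function unsanitizedQuery(string $catid): string {
    return "SELECT id, name FROM categories WHERE id = " . $catid;
}

// The pattern George found in show_category.php 1.3.1: intval() before
// use. intval() yields a PHP integer, so anything after the leading
// digits is discarded and only a number ever reaches the SQL text.
function sanitizedQuery(string $catid): string {
    $id = intval($catid);
    return "SELECT id, name FROM categories WHERE id = " . $id;
}

// Preferred form regardless of type: a placeholder keeps data out of the
// SQL text entirely, and the integer cast still enforces the expected type.
function parameterizedRows(PDO $db, string $catid): array {
    $stmt = $db->prepare("SELECT id, name FROM categories WHERE id = ?");
    $stmt->execute([intval($catid)]);
    return $stmt->fetchAll(PDO::FETCH_ASSOC);
}

// Constructed request value: a valid id followed by a trailing SQL tail.
$tainted = "2 OR 1=1";

echo unsanitizedQuery($tainted), "\n";     // ... WHERE id = 2 OR 1=1
echo sanitizedQuery($tainted), "\n";       // ... WHERE id = 2
var_dump(intval($tainted) === 2);          // bool(true)
print_r(parameterizedRows($db, $tainted)); // only the id=2 'Software' row
```

Running it shows why the intval() call George points at defeats the reported catid injection: the sanitized and parameterized paths both reduce the tainted input to the integer 2, while only the unsanitized concatenation lets the input alter the statement.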