1. Symantec-Broadcom-Horizontal/
  2. Security Response/
  3. Attack Signatures/
  4. Web Attack: Joomla Com Kunena SQL Injection

Web Attack: Joomla Com Kunena SQL Injection

Severity: High

This attack could pose a serious security threat. You should take immediate action to stop any damage or prevent further damage from happening.

Description

This signature detects attempts to exploit Joomla Kunena 'search' Parameter SQL Injection

Additional Information

Kunena is a forum component for the Joomla! content manager. It is implemented in PHP.

The application is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied input submitted to the 'search' parameter of the 'index.php' script.

Exploiting these vulnerabilities could allow an attacker to steal cookie-based authentication credentials, compromise the application, access or modify data, or exploit latent vulnerabilities in the underlying database.

Affected

  • Various version of Joomla

Additional References

  • Twitter
  • Facebook
  • LinkedIn
  • Google+
  • YouTube