foobla RSS Feed Creator for Joomla "id" SQL Injection
Description:
Chip d3 Bi0s has reported a vulnerability in foobla RSS Feed Creator for Joomla, which can be exploited by malicious people to conduct SQL injection attacks.
Input passed via the "id" parameter to index.php (if "option" is set to "com_jlord_rss" and "task" to "feed") is not properly sanitised before being used in an SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.
Source: http://secunia.com/advisories/36748/
Solution: upgrade to latest version (1.5.1.1_build20090922)
See how to get newer version here.
