• foobla RSS Creator
    RSS Feed Creator

    the #1 extension to do RSS Feed stuff for a Joomla! site, create unlimited feeds

    $199
    Joomla
  • Joomla Automatic Articles - Full-Text RSS
    Full-Text RSS

    Joomla Automatic Articles solution, captures entire articles from RSS sources.

    $199
    Joomla
  • foobla Twitter
    Twitter Application

    implement independent Twitter interface with some extra killer features

    $199
    Joomla
  • foobla PHPlist integration
    PHPlist Integration

    the #1 solution to use the most powerful newsletter PHPlist inside Joomla!

    $199
    Joomla
  • foobla Suggestions
    Suggestions

    This helps you collect idea/feedback/suggestion from your clients/visitors.

    $199
    Joomla Drupal Magento
view foobla SHOWCASE
Home News Latest [fixed] foobla RSS Feed Creator for Joomla "id" SQL Injection

[fixed] foobla RSS Feed Creator for Joomla "id" SQL Injection

Thursday, 24 September 2009 08:35
E-mail Print

foobla RSS Feed Creator for Joomla "id" SQL Injection

Description:
Chip d3 Bi0s has reported a vulnerability in foobla RSS Feed Creator for Joomla, which can be exploited by malicious people to conduct SQL injection attacks.

Input passed via the "id" parameter to index.php (if "option" is set to "com_jlord_rss" and "task" to "feed") is not properly sanitised before being used in an SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.

Source: http://secunia.com/advisories/36748/

Solution: upgrade to latest version (1.5.1.1_build20090922)

See how to get newer version here.

Share This Post
 
Subscribe to get the product's news & update

Your Cart

How to buy?

Your Shopping Cart
Your Cart is currently empty.
Banner

Login






Follow us

Get News & Updates from us via RSS Feed Follow us on Twitter


JoomlaWatch Stats 1.2.9 by Matej Koval