[fixed] foobla Suggestions for Joomla "idea_id" SQL Injection Vulnerability

Your Cart is currently empty.

All foobla staff are in local holiday from 30th April to 1st May 2012. The support services will be limited in this time. From 2rd May 2012, our awesome support services will be back to normal.
Thank you for using foobla's products.

Joomla Extensions

Developing Joomla Extensions is our main business since 2007. More than 8 commercial Joomla Extensions as well as 7+ free Joomla Extensions...

Joomla Updater

We care of keeping Joomla sites up-to-date, Joomla Updater is one of our networks which provide installing & updating...

Download it FREE

Joomla Custom Work

Joomla Custom Work, we offer Joomla Custom Work per hour rate, or you can hire our Joomla Expert monthly

Get a Quote

[fixed] foobla Suggestions for Joomla "idea_id" SQL Injection Vulnerability

foobla Suggestions for Joomla "idea_id" SQL Injection Vulnerability

Description:
Chip D3 Bi0s has reported a vulnerability in foobla Suggestions for Joomla, which can be exploited by malicious people to conduct SQL injection attacks.

Input passed via the "idea_id" parameter to index.php (if "option" is set to "com_foobla_suggestions" and "controller" to "comment") is not properly sanitised before being used in an SQL query. This can be exploited to manipulate SQL queries by injecting arbitrary code.

The vulnerability is reported in version 1.5.11. Other versions may also be affected.

Source: http://secunia.com/advisories/36767/

Solution: upgrade to latest version (1.5.0.1_build20090922)

See how to get newer version here.

Latest News

16 May

obRSS 1.8.14 released

09 May

obRSS 1.8.13 released

24 Apr

Auto publishing to LinkedIn Group with obSocialSubmit

18 Apr

Joomla SobiPro RSS Feed creating with obRSS

07 Feb

SobiPro Auto Social Publishing with obSocialSubmit

Our Products

Resources

Earn with us

[ Affiliate Program ]

Get promotion news & updates