- Core - SQL Injection
- Project: Joomla!
- SubProject: All
- Severity: High
- Versions: 2.5.1, 2.5.0 and 1.7.0 - 1.7.5
- Exploit type: SQL Injection
- Reported Date: 2012-February-29
- Fixed Date: 2012-March-05
Inadequate escaping leads to SQL injection vulnerability.
Joomla! version 2.5.1, 2.5.0, 1.7.4, and all earlier 1.7.x versions
Upgrade to version 2.5.2
Reported by Ching Shiong Sow, Stratsec
The JSST at the Joomla! Security Center.