Joomla!.searchword.Parameter.Process.Code.Injection
Description
This indicates an attempt to exploit a code injection vulnerability in the Joomla! Search component.
The vulnerability is caused by the application's failure to validate the "searchword" parameter in the "components/com_search/views/search/tmpl/default_results.php" and "templates/beez/html/com_search/search/default_results.php" scripts. It allows remote attackers to execute arbitrary php code by sending a malicious request.
Affected Products
Joomla version 1.5 beta 2 and prior.
Impact
System compromise: remote code execution.
Recommended Actions
Upgrade to the latest version, available from the Web site.
http://joomlacode.org/gf/project/joomla/frs/?action=FrsReleaseBrowse&frs_package_id=2622
Telemetry
Coverage
IPS (Regular DB) | |
IPS (Extended DB) |
Version Updates
Date | Version | Detail |
---|---|---|
2019-02-01 | 14.540 | Name:Joomla. searchword. Parameter. Process. Code. Injection:Joomla!. searchword. Parameter. Process. Code. Injection |