Short Name |
HTTP:SQL:INJ:JOOMLA-COM-JCE1 |
---|---|
Severity |
Major |
Recommended |
No |
Recommended Action |
Drop |
Category |
HTTP |
Keywords |
Joomla JCE Component Itemid Parameter SQL Injection1 |
Release Date |
2015/09/30 |
Update Number |
2541 |
Supported Platforms |
idp-4.0+, isg-3.0+, j-series-9.5+, mx-11.4+, srx-12.1+, srx-branch-12.1+, vmx-17.4+, vsrx-12.1+, vsrx3bsd-18.2+ |
This signature detects attempts to exploit a known vulnerability in Joomla's JCE component. It is due to insufficient validation of Itemid parameter of the index.php script. An attacker can exploit this issue by manipulating the SQL query logic to carry out unauthorized actions on the underlying database.