|
VM Security Bulletin 2010-01-30 |
 |
 |
|
Written by Soeren Eberhardt-Biermann
|
|
Saturday, 30 January 2010 02:00 |
Component Type: VirtueMart Core. The affected files are part of the standard VirtueMart Distribution.
Affected Versions: VirtueMart Version 1.1.4 and all versions below.
Vulnerability Type: SQL Injection.
Severity: HIGH.
Problem Description: It's possible for an attacker with administrator permissions to manipulate or gain information from the database with a specially crafted URL.
Solution: An patch is available that contains new versions of the affected files: SecurityFix_vm114_012910.zip.
General advice:
Follow the recommendations from the Joomla! Administrator's Security Checklist and the Security & Performance FAQ for Joomla!. This way you get basic security for your Store.
Keep notice of the VirtueMart Security Bulletins.
|
|
Last Updated on Wednesday, 03 February 2010 11:18 |
Home
Forum
Extensions
Developer Portal