Keyword

Possible SQL injection attack?

  • joomla
  • joomla's Avatar Topic Author
  • Offline
  • New Member
More
2 years 5 months ago #180092 by joomla
Possible SQL injection attack? was created by joomla
Hi 
i am using joomla 3.10.8 with k2 plugin for my workflows. An SQL injection vulerablity has been identified on the K2 plugin.
When access a K2url with a suffix of a query parameter like  id=2  (it could be any number and inject it with SQL), it dumbs the entire backend table.
How can i fix this issue

regards
joomla user

Please Log in or Create an account to join the conversation.

More
2 years 5 months ago #180095 by JoomlaWorks
Replied by JoomlaWorks on topic Possible SQL injection attack?
So me an example, e.g. on demo.getk2.org

Any reason you're masking yourself behind a generic "joomla" username by they way?

Fotis / JoomlaWorks Support Team
---
Please search the forum before posting a new topic :)

Please Log in or Create an account to join the conversation.


Powered by Kunena Forum