Following the disclosure of a critical SQL injection vulnerability in Joomla, attacks are being carried out against sites running old, unpatched versions of the content management system Joomla. Security experts warned that it would be easy for an attacker to gain full control of a website and execute additional attacks through the vulnerability. 4 hours after the disclosure from both Joomla and Trustwave, attackers began narrowing their sights on the two popular Joomla sites. Two scans were found to be deployed. When the attackers discovered a website running an older, vulnerable version, then they leveraged the exploit and ran a payload to extract the user’s session. The vulnerability previously existed in versions 3.2 to 3.4.4 of the CMS. Administrators of websites are advised to apply the updates to prevent any attack on the vulnerable systems.
IT Security News
The information provided herein is on "as is" basis, without warranty of any kind.
Mauritian Computer Emergency Response Team (CERT-MU)
National Computer Board
7th Floor, Stratton Court
La Poudriere Street