COMMUNITY FORUM

Keyword
  1. Forum
  3. K2 Community Forum
  5. English K2 Community
  7. Possible SQL injection attack?

Possible SQL injection attack?

  • joomla
  • joomla's Avatar Topic Author
  • Offline
  • New Member
More
1 year 11 months ago #180092 by joomla
Possible SQL injection attack? was created by joomla
Hi 
i am using joomla 3.10.8 with k2 plugin for my workflows. An SQL injection vulerablity has been identified on the K2 plugin.
When access a K2url with a suffix of a query parameter like  id=2  (it could be any number and inject it with SQL), it dumbs the entire backend table.
How can i fix this issue

regards
joomla user

Please Log in or Create an account to join the conversation.

More
1 year 11 months ago #180095 by JoomlaWorks
Replied by JoomlaWorks on topic Possible SQL injection attack?
So me an example, e.g. on demo.getk2.org

Any reason you're masking yourself behind a generic "joomla" username by they way?
Fotis / JoomlaWorks Support Team
---
Please search the forum before posting a new topic :)

Please Log in or Create an account to join the conversation.

  1. Forum
  3. K2 Community Forum
  5. English K2 Community
  7. Possible SQL injection attack?

Powered by Kunena Forum