SQL injection vulnerability in index.php in the Downloads (com_downloads) component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the filecatid parameter in a selectfolder action.
Software | From | Fixed in |
---|---|---|
mambo / com_downloads | - | - |
Joomla / com_downloads | - | - |