SQL injection vulnerability in index.php in the MGFi XfaQ (com_xfaq) 1.2 component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the aid parameter in an answer action.
Software | From | Fixed in |
---|---|---|
Joomla / joomla | 1.0 | 1.0.x |
mambo / mambo | 4.5 | 4.5.x |
mgfi / xfaq | 1.2 | 1.2.x |