Home > Webmaster News > Internet News > Alert: Critical SQL Injection Vulnerability Within Joomla 3.4.4

Alert: Critical SQL Injection Vulnerability Within Joomla 3.4.4

Trustwave SpiderLabs have announced a critical SQL injection vulnerability that affects all Joomla website installations running versions 3.2 through 3.4.4. The vulnerability allows an attacker to gain full administrative access of an affected Joomla website.

Joomla has patched this in last weeks release of Joomla 3.4.5 however far from everyone has updated their websites and I wanted to take a moment to express just how important it is. If you think you’re website is too small to be attacked – you’re wrong. Sucuri reported 12,000 exploitation attempts as of this Monday – a number that is steadily growing.

Make sure you’re website is running the latest install of Joomla 3.4.5. If for some reason you absolutely MUST delay the update – log out of all your administrative accounts. This vulnerability relies on an admin account being logged into the system – so remaining logged out will, in a way, help secure you’re website. For now.

About Michael Boguslavskiy

Avatar
Michael Boguslavskiy is a full-stack developer & online presence consultant based out of New York City. He's been offering freelance marketing & development services for over a decade. He currently manages Rapid Purple - and online webmaster resources center; and Media Explode - a full service marketing agency.

Check Also

When Disaster Strikes: Reviewing AWS vs Azure Disaster Recovery Solutions

Disaster recovery, in the context of IT, refers to the implementation of specific tools, policies, ...

Like every other website, this site uses cookies to analyze our traffic. Cookies may also be utilized by our advertisers and partners. By using this website you agree to the use of said cookies. More Information

The cookie settings on this website are set to "allow cookies" to give you the best browsing experience possible. If you continue to use this website without changing your cookie settings, continuing to navigate past this message, or you click "Accept" below then you are consenting to the use of cookies on the Rapid Purple website.

Close