SECUNIA ADVISORY ID:
SA38001
VERIFY ADVISORY:
http://secunia.com/advisories/38001/
DESCRIPTION:
A vulnerability has been reported in the TPJobs component for
Joomla!, which can be exploited by malicious people to conduct SQL
injection attacks.
Input passed to the "id_c[]" parameter in index.php (if "option" is
set to "com_tpjobs" and "task" is set to "resadvsearch") is not
properly sanitised before being used in SQL queries. This can be
exploited to manipulate SQL queries by injecting arbitrary SQL code.
SOLUTION:
Filter malicious characters and character sequences using a proxy.
PROVIDED AND/OR DISCOVERED BY:
FL0RiX
ORIGINAL ADVISORY:
http://www.exploit-db.com/exploits/10950