Joomla! TimeTrack Component "ct_id" SQL Injection Vulnerability

SECUNIA ADVISORY ID:
SA41583

VERIFY ADVISORY:
Secunia.com
http://secunia.com/advisories/41583/
Customer Area (Credentials Required)
https://ca.secunia.com/?page=viewadvisory&vuln_id=41583

RELEASE DATE:
2010-09-23

DESCRIPTION:
Salvatore Fresta has discovered a vulnerability in the TimeTrack
component for Joomla!, which can be exploited by malicious people to
conduct SQL injection attacks.

Input passed via the "ct_id" parameter to index.php (when "option" is
set to "com_timetrack" and "view" is set to "timetrack") is not
properly sanitised before being used in a SQL query. This can be
exploited to manipulate SQL queries by injecting arbitrary SQL code.

NOTE: Other parameters are reportedly also affected.

The vulnerability is confirmed in version 1.2.3. Other versions may
also be affected.

SOLUTION:
Edit the source code to ensure that input is properly sanitised.
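As an added illustration of that fix (not the TimeTrack component's or the advisory's own code), the following Joomla 1.5-era PHP shows a hypothetical model method that reads "ct_id", first in the unsafe pattern the advisory describes and then hardened so the query can only ever contain an integer. The table name #__timetrack, the method names and the error handling are assumptions.

```php
<?php
// Added example, not code from the TimeTrack component.
// Both functions take a Joomla database object (JFactory::getDBO()).

// UNSAFE: the raw request value is concatenated into the SQL string, so any
// non-numeric "ct_id" value alters the query instead of selecting a row.
function getTimeTrackUnsafe($db)
{
    $ct_id = JRequest::getVar('ct_id');            // untyped, not validated
    $query = "SELECT * FROM #__timetrack WHERE ct_id = " . $ct_id;  // table name assumed
    $db->setQuery($query);
    return $db->loadObject();
}

// HARDENED: ct_id is an integer key, so it is read with JRequest::getInt
// (which yields the default for anything non-numeric) and cast again before
// use; the resulting SQL can only contain a literal integer.
function getTimeTrackSafe($db)
{
    $ct_id = (int) JRequest::getInt('ct_id', 0);
    if ($ct_id <= 0) {
        // Hypothetical handling of an invalid/missing id: refuse the request.
        JError::raiseError(404, JText::_('Invalid record id'));
        return null;
    }
    $query = 'SELECT * FROM #__timetrack WHERE ct_id = ' . $ct_id;
    $db->setQuery($query);
    return $db->loadObject();
}

// The advisory notes other parameters are also affected. For a string
// parameter the same rule applies, using the database layer's quoting
// rather than concatenating the raw value:
function getTimeTrackByNameSafe($db)
{
    $name  = JRequest::getString('name', '');      // "name" is an assumed parameter
    $query = 'SELECT * FROM #__timetrack WHERE name = ' . $db->Quote($name);
    $db->setQuery($query);
    return $db->loadObject();
}
```

Applying the typed accessor (getInt, getString) to every request parameter the component feeds into SQL, not only "ct_id", is what the SOLUTION's "properly sanitised" amounts to in practice.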

PROVIDED AND/OR DISCOVERED BY:
Salvatore Fresta

ORIGINAL ADVISORY:
Salvatore Fresta:
http://salvatorefresta.net/files/adv/TimeTrack_1.2.4_Joomla_Component_Multiple_SQL_Injection_Vulnerabilities-22092010.txt