Author Topic: Still SQL injection Vulnerability after applied security path  (Read 1128 times)

ekc_maga

  • Beginner
  • *
  • Posts: 3
Hi, I used the lastest Joomla 1.5.15 and Virtuemart 1.1.4 with the security patch on Jan 30 2010 applied, but I still get SQL injection Vulnerability from PCI scan, could some one help?

here is what I get from mcafeesecure:

Protocol   https   Port   443   Read Timeout   10000   Method   GET   Demo
Path   /en/online-store.html
Query   page=x';",)`.browse
category_id=1
Headers   Referer=https%3A%2F%2Fwww.esdemc.com%2Fen%2Fcomponent%2Fuser%2Flogin.html
Cookie=409d32ce1a9262236356b5cb71140487%3D7052b3b4db3bac866a3f34b7526c8f24
Cookie=virtuemart%3D7052b3b4db3bac866a3f34b7526c8f24
Cookie=ja_purity_tpl%3Dja_purity
Cookie=3d5e58c9082e25ec1ccc505e578caf76%3Dffa3aae6578d56d94d3eab15a4ae8182
Cookie=logintheme%3Dcpanel
Cookie=webmailrelogin%3Dno
Cookie=webmailsession%3D58PjaoBiZtedrZoPiWryjZVHWik2G4YGfB_Itd_HjU9GL3yxxvJ7A9zfory4mxFb
Cookie=a73660756004bd2e3bee3c8ac8a16b47%3D6f9b557e72c6d919187b49efb0e56876
Cookie=jfcookie%5Blang%5D%3Den