CVE-2006-7010 Information

Description

The mosgetparam implementation in Joomla! before 1.0.10 does not set a variable’s data type to integer when the variable’s default value is numeric which has unspecified impact and attack vectors which may permit SQL injection attacks.

Reference

http://secunia.com/advisories/20874 http://www.joomla.org/content/view/1510/74/ http://www.osvdb.org/26916