2007-02-12 23:00:00
mitre
PUBLISHED
The mosgetparam implementation in Joomla! before 1.0.10, does not set a variables data type to integer when the variables default value is numeric, which has unspecified impact and attack vectors, which may permit SQL injection attacks.