CVE-2015-7857

Name of the Vulnerable Software and Affected Versions Joomla! versions prior to 3.4.5

Description A SQL injection issue exists in the getListQuery function in administrator/components/com contenthistory/models/history.php, allowing remote attackers to execute arbitrary SQL commands via the list[select] parameter to "index.php".

Recommendations For versions prior to 3.4.5, update to version 3.4.5 or later to resolve the issue.