SQL injection vulnerability in (1) Joomla! 1.0.11 and 1.5 Beta, and (2) Mambo 4.6.1, allows remote attackers to execute arbitrary SQL commands via the id parameter when cancelling content editing.
References
Link | Resource |
---|---|
http://archives.neohapsis.com/archives/fulldisclosure/2007-01/0355.html | Exploit Patch Vendor Advisory |
http://www.hackers.ir/advisories/festival.txt | Vendor Advisory |
http://www.securityfocus.com/bid/19734 | Exploit Vendor Advisory |
http://osvdb.org/32520 | |
http://www.securityfocus.com/archive/1/459203/100/0/threaded |
Configurations
Configuration 1 (hide)
|
Information
Published : 2007-01-19 15:28
Updated : 2018-10-16 09:32
NVD link : CVE-2007-0374
Mitre link : CVE-2007-0374
JSON object : View
CWE
Products Affected
joomla
- joomla
mambo
- mambo