SQL injection vulnerability in the search method in jobline.class.php in Jobline (com_jobline) 1.1.2.2, 1.3.1, and possibly earlier versions, a component for Joomla!, allows remote attackers to execute arbitrary SQL commands via the search parameter in a results action to index.php, which invokes the search method from the searchJobPostings function in jobline.php.
References
Configurations
Configuration 1 (hide)
AND |
|
Information
Published : 2009-07-20 13:00
Updated : 2017-09-18 18:29
NVD link : CVE-2009-2554
Mitre link : CVE-2009-2554
JSON object : View
CWE
CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Products Affected
olle_johansson
- jobline
joomla
- joomla