CVE-2009-3971

SQL injection vulnerability in the jTips (com_jtips) component 1.0.7 and 1.0.9 for Joomla! allows remote attackers to execute arbitrary SQL commands via the season parameter in a ladder action to index.php.
Advertisement

NeevaHost hosting service

Configurations

Configuration 1 (hide)

AND
cpe:2.3:a:joomla:joomla\!:*:*:*:*:*:*:*:*
OR cpe:2.3:a:jtips:com_jtips:1.0.7:*:*:*:*:*:*:*
cpe:2.3:a:jtips:com_jtips:1.0.9:*:*:*:*:*:*:*

Information

Published : 2009-11-18 15:30

Updated : 2017-09-18 18:29


NVD link : CVE-2009-3971

Mitre link : CVE-2009-3971


JSON object : View

CWE
CWE-89

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

Advertisement

dedicated server usa

Products Affected

joomla

  • joomla\!

jtips

  • com_jtips