SQL injection vulnerability in the Shape5 Bridge of Hope template for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in an article action to index.php.
References
Link | Resource |
---|---|
http://packetstormsecurity.org/1001-exploits/joomlaboh-sql.txt | Exploit |
http://www.securityfocus.com/bid/37602 | |
http://www.vupen.com/english/advisories/2010/0019 | Vendor Advisory |
http://www.exploit-db.com/exploits/10964 | Exploit |
Configurations
Configuration 1 (hide)
AND |
|
Information
Published : 2010-06-09 13:30
Updated : 2010-06-09 21:00
NVD link : CVE-2010-2254
Mitre link : CVE-2010-2254
JSON object : View
CWE
CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Products Affected
joomla
- joomla\!
shape5
- bridge_of_hope_template