SQL injection vulnerability in the getListQuery function in administrator/components/com_contenthistory/models/history.php in Joomla! 3.2 before 3.4.5 allows remote attackers to execute arbitrary SQL commands via the list[select] parameter to index.php.
References
Configurations
Configuration 1 (hide)
|
Information
Published : 2015-10-29 13:59
Updated : 2017-09-12 18:29
NVD link : CVE-2015-7857
Mitre link : CVE-2015-7857
JSON object : View
CWE
CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Products Affected
joomla
- joomla\!