SQL injection vulnerability in the Gantry (com_gantry) component 3.0.10 for Joomla! allows remote attackers to execute arbitrary SQL commands via the moduleid parameter to index.php.
References
Configurations
Configuration 1 (hide)
AND |
|
History
21 Nov 2024, 01:22
Type | Values Removed | Values Added |
---|---|---|
References | () http://osvdb.org/67825 - | |
References | () http://secunia.com/advisories/41300 - Vendor Advisory | |
References | () http://www.exploit-db.com/exploits/14911 - Exploit | |
References | () http://www.gantry-framework.org/news/70-joomla-version-3011-released - | |
References | () http://www.securityfocus.com/bid/43017 - |
Information
Published : 2011-10-08 10:55
Updated : 2024-11-21 01:22
NVD link : CVE-2010-4898
Mitre link : CVE-2010-4898
CVE.ORG link : CVE-2010-4898
JSON object : View
Products Affected
gantry-framework
- com_gantry
joomla
- joomla\!
CWE
CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')