SQL injection vulnerability in Joomla! 3.2 before 3.4.4 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, a different vulnerability than CVE-2015-7297.
References
Configurations
Configuration 1 (hide)
|
History
21 Nov 2024, 02:37
Type | Values Removed | Values Added |
---|---|---|
References | () http://developer.joomla.org/security-centre/628-20151001-core-sql-injection.html - | |
References | () http://packetstormsecurity.com/files/134097/Joomla-3.44-SQL-Injection.html - | |
References | () http://packetstormsecurity.com/files/134494/Joomla-Content-History-SQL-Injection-Remote-Code-Execution.html - | |
References | () http://www.rapid7.com/db/modules/exploit/unix/webapp/joomla_contenthistory_sqli_rce - | |
References | () http://www.securityfocus.com/bid/77295 - | |
References | () http://www.securitytracker.com/id/1033950 - | |
References | () https://www.exploit-db.com/exploits/38797/ - | |
References | () https://www.trustwave.com/Resources/SpiderLabs-Blog/Joomla-SQL-Injection-Vulnerability-Exploit-Results-in-Full-Administrative-Access/ - Exploit |
Information
Published : 2015-10-29 20:59
Updated : 2024-11-21 02:37
NVD link : CVE-2015-7858
Mitre link : CVE-2015-7858
CVE.ORG link : CVE-2015-7858
JSON object : View
Products Affected
joomla
- joomla\!
CWE
CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')