Description

JRequest in Joomla! 1.5 before 1.5.7 does not sanitize variables that were set with JRequest::setVar, which allows remote attackers to conduct "variable injection" attacks and have unspecified other impact.

Remediation

References

CVE-2008-4105

Related Vulnerabilities

PHP Other Vulnerability (CVE-2007-4528)

jQuery UI Autocomplete Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2021-41182)

Grafana Missing Authentication for Critical Function Vulnerability (CVE-2019-15043)

OpenSSL Resource Management Errors Vulnerability (CVE-2011-4619)

Oracle JRE CVE-2013-2447 Vulnerability (CVE-2013-2447)

Severity

High

Classification

CVE-2008-4105 CWE-20

Tags

Missing Update Known Vulnerabilities