Description
JRequest in Joomla! 1.5 before 1.5.7 does not sanitize variables that were set with JRequest::setVar, which allows remote attackers to conduct "variable injection" attacks and have unspecified other impact.
Remediation
References
Related Vulnerabilities
WordPress Plugin CF7 Manual Spam Blocker Privilege Escalation (1.0)
concrete5 Unrestricted Upload of File with Dangerous Type Vulnerability (CVE-2020-11476)
WordPress Plugin Random image gallery with pretty photo zoom Cross-Site Scripting (7.4)
MySQL CVE-2017-3244 Vulnerability (CVE-2017-3244)
Drupal Core 4.7.x Cross-Site Request Forgery (4.7.0 - 4.7.10)