Description
JRequest in Joomla! 1.5 before 1.5.7 does not sanitize variables that were set with JRequest::setVar, which allows remote attackers to conduct "variable injection" attacks and have unspecified other impact.
Remediation
References
Related Vulnerabilities
WordPress Plugin GEO my WordPress Unspecified Vulnerability (2.6.1.1)
Oracle JRE CVE-2012-5070 Vulnerability (CVE-2012-5070)
WordPress Plugin Author Stats Cross-Site Scripting (1.3)
MySQL CVE-2020-14848 Vulnerability (CVE-2020-14848)
WordPress Plugin Copy or Move Comments Multiple Vulnerabilities (1.0.0)