WEB APPLICATION VULNERABILITIES Standard & Premium

Joomla Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2010-4696)

Description

Multiple SQL injection vulnerabilities in Joomla! 1.5.x before 1.5.22 allow remote attackers to execute arbitrary SQL commands via the (1) filter_order or (2) filter_order_Dir parameter in a com_contact action to index.php, a different vulnerability than CVE-2010-4166. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Remediation

References

Related Vulnerabilities

WordPress Plugin Secure HTML5 Video Player Cross-Site Scripting (3.14)

WordPress Plugin Caldera Forms-More Than Contact Forms Cross-Site Scripting (1.4.1)

XWiki CVE-2023-35166 Vulnerability (CVE-2023-35166)

Drupal Other Vulnerability (CVE-2015-3233)

Seo Panel Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2017-10839)

Severity

High

Classification

CVE-2010-4696 CWE-138

Tags

Missing Update Known Vulnerabilities