Joomla Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2015-4654)

Description

SQL injection vulnerability in the EQ Event Calendar component for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to eqfullevent.

Remediation

References

CVE-2015-4654

Related Vulnerabilities

Oracle Application Server Other Vulnerability (CVE-2002-0569)

WordPress 4.8.x Arbitrary File Deletion Vulnerability (4.8 - 4.8.6)

Joomla Permissions, Privileges, and Access Controls Vulnerability (CVE-2012-1598)

WordPress Plugin User Verification Security Bypass (1.0.93)

WordPress 3.7.x Arbitrary File Deletion Vulnerability (3.7 - 3.7.26)

Severity

High

Classification

CVE-2015-4654 CWE-138

Joomla Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2015-4654)

Description

Remediation

References

Related Vulnerabilities

Severity

Classification

Tags

Take action and discover your vulnerabilities