WEB APPLICATION VULNERABILITIES Standard & Premium

Joomla Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') Vulnerability (CVE-2017-8917)

Description

SQL injection vulnerability in Joomla! 3.7.x before 3.7.1 allows attackers to execute arbitrary SQL commands via unspecified vectors.

Remediation

References

Related Vulnerabilities

phpMyAdmin Exposure of Sensitive Information to an Unauthorized Actor Vulnerability (CVE-2016-2038)

WordPress Plugin Citizen Space Cross-Site Scripting (1.0)

WordPress Plugin WPFront Notification Bar Cross-Site Scripting (1.9.1.04012)

WordPress Plugin Resume Submissions & Job Postings Cross-Site Scripting (2.5.3)

Plone CMS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2012-5504)

Severity

Critical

Classification

CVE-2017-8917 CWE-138 CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H

Tags

Missing Update Known Vulnerabilities