Description

Multiple SQL injection vulnerabilities in Joomla! before 1.0.4 allow remote attackers to execute arbitrary SQL commands via the (1) Itemid variable in the Polls modules and (2) multiple unspecified methods in the mosDBTable class.

Remediation

References

CVE-2005-3772

Related Vulnerabilities

WordPress Plugin UltimateWoo-The Ultimate WooCommerce with Unlimited Usage PHP Object Injection (0.1.10)

TYPO3 Deserialization of Untrusted Data Vulnerability (CVE-2020-15098)

WordPress Plugin CP Contact Form with PayPal Cross-Site Scripting (1.2.97)

phpMyFAQ Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2023-1884)

XWiki Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2023-35150)

Severity

High

Classification

CVE-2005-3772

Tags

Missing Update Known Vulnerabilities