Description

SQL injection vulnerability in (1) Joomla! 1.0.11 and 1.5 Beta, and (2) Mambo 4.6.1, allows remote attackers to execute arbitrary SQL commands via the id parameter when cancelling content editing.

Remediation

References

CVE-2007-0374

Related Vulnerabilities

PHP Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2007-4782)

WordPress Plugin CAC Featured Content TimThumb Arbitrary File Upload (0.8)

Next.js Improper Limitation of a Pathname to a Restricted Directory ('Path Traversal') Vulnerability (CVE-2017-16877)

Moodle Other Vulnerability (CVE-2006-0147)

WordPress Plugin MyPixs Local File Inclusion (0.3)

Severity

High

Classification

CVE-2007-0374

Tags

Missing Update Known Vulnerabilities