Lucene search

[email protected]CVE-2009-3063

HistorySep 03, 2009 - 5:30 p.m.

CVE-2009-3063

2009-09-0317:30:21

CWE-89

[email protected]

web.nvd.nist.gov

cve-2009-3063

sql injection

joomla

game server

remote code execution

nvd

8.7 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.001 Low

EPSS

Percentile

33.1%

JSON

SQL injection vulnerability in the Game Server (com_gameserver) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a gamepanel action to index.php.

Affected configurations

NVD

Node

joomlajoomla

AND

indianpulsescom_gameserverMatch1.0

CPENameOperatorVersion
indianpulses:com_gameserverindianpulses com gameservereq1.0

CPE	Name	Operator	Version
indianpulses:com_gameserver	indianpulses com gameserver	eq	1.0

References

www.exploit-db.com/exploits/9571

www.securityfocus.com/bid/36213

www.vupen.com/english/advisories/2009/2523

8.7 High

AI Score

Confidence

Low

7.5 High

CVSS2

Access Vector

Access Complexity

Authentication

NONE

Confidentiality Impact

PARTIAL

Integrity Impact

PARTIAL

Availability Impact

PARTIAL

AV:N/AC:L/Au:N/C:P/I:P/A:P

0.001 Low

EPSS

Percentile

33.1%

JSON

Related for CVE-2009-3063

nvd1 prion1 cvelist1