Lucene search

CVE-2013-7219

🗓️ 21 Jan 2014 16:19:06Reported by mitreType

cve🔗 web.nvd.nist.gov👁 59 Views🌐 WEB

SQL injection vulnerability in vote.php in 2Glux Sexy Polling component before 1.0.9 for Joomla

5 of 5AI Insights are available for you today

Leverage the power of AI to quickly understand vulnerabilities, impacts, and exploitability

Reporter	Title	Published	Views	Family All 9
NVD	CVE-2013-7219	21 Jan 201416:06	–	nvd
seebug.org	Sexy Polling Joomla Extension SQL注入漏洞	20 Jan 201400:00	–	seebug
Prion	Sql injection	21 Jan 201416:06	–	prion
securityvulns	SQL Injection in Sexy Polling Joomla Extension	19 Jan 201400:00	–	securityvulns
securityvulns	Web applications security vulnerabilities summary (PHP, ASP, JSP, CGI, Perl)	19 Jan 201400:00	–	securityvulns
Circl	CVE-2013-7219	16 Jan 201400:00	–	circl
Packet Storm	Joomla Sexy Polling 1.0.8 SQL Injection	16 Jan 201400:00	–	packetstorm
Cvelist	CVE-2013-7219	21 Jan 201416:00	–	cvelist
htbridge	SQL Injection in Sexy Polling Joomla Extension	26 Dec 201300:00	–	htbridge

Nvd

Node

2glux com_sexypollingRange≤1.0.8---joomla!

2glux com_sexypollingMatch0.9.1---joomla!

2glux com_sexypollingMatch0.9.2---joomla!

2glux com_sexypollingMatch0.9.4---joomla!

2glux com_sexypollingMatch0.9.5---joomla!

2glux com_sexypollingMatch0.9.6---joomla!

2glux com_sexypollingMatch0.9.7---joomla!

2glux com_sexypollingMatch1.0.1---joomla!

2glux com_sexypollingMatch1.0.2---joomla!

2glux com_sexypollingMatch1.0.3---joomla!

2glux com_sexypollingMatch1.0.4---joomla!

2glux com_sexypollingMatch1.0.5---joomla!

2glux com_sexypollingMatch1.0.6---joomla!

2glux com_sexypollingMatch1.0.7---joomla!

Source	Link
securityfocus	www.securityfocus.com/archive/1/530789/100/0/threaded
exchange	www.exchange.xforce.ibmcloud.com/vulnerabilities/90519
htbridge	www.htbridge.com/advisory/HTB23193
2glux	www.2glux.com/forum/sexypolling/sexy-polling-security-vulnerability-notification-t2026.html

Parameter	Position	Path	Description	CWE
answer_id[]	request body	/components/com_sexypolling/vote.php	SQL Injection vulnerability allowing execution of arbitrary SQL commands via 'answer_id[]' parameter.	CWE-89

Transform Your Security Services

Elevate your offerings with Vulners' advanced Vulnerability Intelligence. Contact us for a demo and discover the difference comprehensive, actionable intelligence can make in your security strategy.

Book a live demo

21 Jan 2014 16:06Current

8.5High risk

Vulners AI Score8.5

CVSS27.5

EPSS0.00262

CWE-89