Lucene search
HistoryJan 26, 2014 - 8:55 p.m.
CVE-2014-0794
cve-2014-0794
sql injection
jv comment
com_jvcomment
joomla
remote authenticated users
nvd
7.8 High
AI Score
Confidence
Low
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.007 Low
EPSS
Percentile
80.2%
SQL injection vulnerability in the JV Comment (com_jvcomment) component before 3.0.3 for Joomla! allows remote authenticated users to execute arbitrary SQL commands via the id parameter in a comment.like action to index.php.
| CPE | Name | Operator | Version |
|---|---|---|---|
| joomla:com_jvcomment | joomla com jvcomment | eq | 3.0.2 |
References
Related
htbridge
htbridge
SQL Injection in JV Comment Joomla Extension
2014-01-02 00:00:00
securityvulns
securityvulns
SQL Injection in JV Comment Joomla Extension
2014-02-03 00:00:00
seebug
seebug
Joomla! JV Commentζ©ε±'id'εζ°SQL注ε
₯ζΌζ΄
2014-02-10 00:00:00
exploitpack
exploitpack
Joomla! Component JV Comment 3.0.2 - id SQL Injection
2014-01-24 00:00:00
packetstorm
packetstorm
Joomla JV Comment 3.0.2 SQL Injection
2014-01-24 00:00:00
zdt
zdt
Joomla JV Comment 3.0.2 SQL Injection Vulnerability
2014-01-24 00:00:00
prion
prion
Sql injection
2014-01-26 20:55:00
exploitdb
exploitdb
Joomla! Component JV Comment 3.0.2 - 'id' SQL Injection
2014-01-24 00:00:00
7.8 High
AI Score
Confidence
Low
4.3 Medium
CVSS2
Access Vector
NETWORK
Access Complexity
MEDIUM
Authentication
NONE
Confidentiality Impact
NONE
Integrity Impact
PARTIAL
Availability Impact
NONE
AV:N/AC:M/Au:N/C:N/I:P/A:N
0.007 Low
EPSS
Percentile
80.2%
Related for CVE-2014-0794