CVE-2006-7010

2007-02-1223:00:00

mitre

www.cve.org

7.5 High

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

61.6%

JSON

The mosgetparam implementation in Joomla! before 1.0.10, does not set a variable’s data type to integer when the variable’s default value is numeric, which has unspecified impact and attack vectors, which may permit SQL injection attacks.

References

secunia.com/advisories/20874

www.joomla.org/content/view/1510/74/

www.osvdb.org/26916