Lucene search
HistoryFeb 12, 2007 - 11:28 p.m.
CVE-2006-7010
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
7.5
Confidence
Low
EPSS
0.002
Percentile
65.1%
The mosgetparam implementation in Joomla! before 1.0.10, does not set a variable’s data type to integer when the variable’s default value is numeric, which has unspecified impact and attack vectors, which may permit SQL injection attacks.
Affected configurations
Node
joomlajoomlaMatch1.0.0
ORjoomlajoomlaMatch1.0.1
ORjoomlajoomlaMatch1.0.2
ORjoomlajoomlaMatch1.0.3
ORjoomlajoomlaMatch1.0.4
ORjoomlajoomlaMatch1.0.5
ORjoomlajoomlaMatch1.0.6
ORjoomlajoomlaMatch1.0.7
ORjoomlajoomlaMatch1.0.8
ORjoomlajoomlaMatch1.0.9
| Vendor | Product | Version | CPE |
|---|---|---|---|
| joomla | joomla | 1.0.0 | cpe:2.3:a:joomla:joomla:1.0.0:*:*:*:*:*:*:* |
| joomla | joomla | 1.0.1 | cpe:2.3:a:joomla:joomla:1.0.1:*:*:*:*:*:*:* |
| joomla | joomla | 1.0.2 | cpe:2.3:a:joomla:joomla:1.0.2:*:*:*:*:*:*:* |
| joomla | joomla | 1.0.3 | cpe:2.3:a:joomla:joomla:1.0.3:*:*:*:*:*:*:* |
| joomla | joomla | 1.0.4 | cpe:2.3:a:joomla:joomla:1.0.4:*:*:*:*:*:*:* |
| joomla | joomla | 1.0.5 | cpe:2.3:a:joomla:joomla:1.0.5:*:*:*:*:*:*:* |
| joomla | joomla | 1.0.6 | cpe:2.3:a:joomla:joomla:1.0.6:*:*:*:*:*:*:* |
| joomla | joomla | 1.0.7 | cpe:2.3:a:joomla:joomla:1.0.7:*:*:*:*:*:*:* |
| joomla | joomla | 1.0.8 | cpe:2.3:a:joomla:joomla:1.0.8:*:*:*:*:*:*:* |
| joomla | joomla | 1.0.9 | cpe:2.3:a:joomla:joomla:1.0.9:*:*:*:*:*:*:* |
Related
cve
cve
CVE-2006-7010
2007-02-12 23:28:00
cvelist
cvelist
CVE-2006-7010
2007-02-12 23:00:00
securityvulns
securityvulns
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
7.5
Confidence
Low
EPSS
0.002
Percentile
65.1%
Related for NVD:CVE-2006-7010