Sql injection

2010-02-1222:30:00

PRIOn knowledge base

www.prio-n.com

9 High

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

51.6%

JSON

SQL injection vulnerability in the plgSearchEventsearch::onSearch method in eventsearch.php in the JEvents Search plugin 1.5 through 1.5.3 for Joomla! allows remote attackers to execute arbitrary SQL commands via unspecified vectors. NOTE: some of these details are obtained from third party information.

CPENameOperatorVersion
jevents_search_plugineq1.5
jevents_search_plugineq1.5.1
jevents_search_plugineq1.5.2
jevents_search_plugineq1.5.3

Name	Operator	Version
jevents_search_plugin	eq	1.5
jevents_search_plugin	eq	1.5.1
jevents_search_plugin	eq	1.5.2
jevents_search_plugin	eq	1.5.3

References

secunia.com/advisories/38404

www.jevents.net/forum/viewtopic.php?f=17&t=3910

www.securityfocus.com/bid/38050