Sql injection

2010-12-0613:37:00

PRIOn knowledge base

www.prio-n.com

9.1 High

AI Score

Confidence

Low

0.002 Low

EPSS

Percentile

56.3%

JSON

SQL injection vulnerability in the Yannick Gaultier sh404SEF component before 2.1.8.777 for Joomla! allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

CPENameOperatorVersion
sh404sefle2.1.7.761
sh404sefeq1.5.2.255
sh404sefeq1.5.3.296
sh404sefeq1.5.4.302
sh404sefeq1.5.5.388
sh404sefeq1.5.6.398
sh404sefeq1.5.7.407
sh404sefeq1.5.8.432
sh404sefeq1.5.9.434
sh404sefeq1.5.10.446

Name	Operator	Version
sh404sef	le	2.1.7.761
sh404sef	eq	1.5.2.255
sh404sef	eq	1.5.3.296
sh404sef	eq	1.5.4.302
sh404sef	eq	1.5.5.388
sh404sef	eq	1.5.6.398
sh404sef	eq	1.5.7.407
sh404sef	eq	1.5.8.432
sh404sef	eq	1.5.9.434
sh404sef	eq	1.5.10.446

Rows per page:

1-10 of 231

References

dev.anything-digital.com/Forum/Announcements/9100-Urgent-sh404SEF-security-release-Joomla-1.5/

secunia.com/advisories/42430

www.securityfocus.com/bid/45135

twitter.com/jeffchannell/status/8603529560195072