3 matches found
joomla150beta-sql.txt
Hi, These bugs were published in full-disclosure about 2 weeks ago CVE : CVE-2007-0373, CVE-2007-0374 and CVE-2007-0375, CVE-2007-0387 . In Mambo 4.6.1 and Joomla 1.0.11 and 1.5 Beta , the 'id' parameter can cause sql injection when cancelling content editting . Other versions maybe affected too...
CVE-2007-0373
Multiple SQL injection vulnerabilities in Joomla! 1.5.0 Beta allow remote attackers to execute arbitrary SQL commands via 1 the searchword parameter in certain files; the where parameter in 2 plugins/search/content.php or 3 plugins/search/weblinks.php; the text parameter in 4...
CVE-2007-0373
CVE-2007-0373 affects Joomla! 1.5.0 Beta with multiple SQL injection vulnerabilities. The issues arise from improper handling of user-supplied input in various search-related parameters across several files: the searchword parameter in unknown files; the where parameter in plugins/search/content....