3 matches found
joomla150beta-sql.txt
Hi, These bugs were published in full-disclosure about 2 weeks ago CVE : CVE-2007-0373, CVE-2007-0374 and CVE-2007-0375, CVE-2007-0387 . In Mambo 4.6.1 and Joomla 1.0.11 and 1.5 Beta , the 'id' parameter can cause sql injection when cancelling content editting . Other versions maybe affected too...
CVE-2007-0374
SQL injection vulnerability in 1 Joomla! 1.0.11 and 1.5 Beta, and 2 Mambo 4.6.1, allows remote attackers to execute arbitrary SQL commands via the id parameter when cancelling content editing...
CVE-2007-0374
SQL injection vulnerability CVE-2007-0374 affects Joomla! 1.0.11, Joomla! 1.5 Beta and Mambo 4.6.1, exploitable via the id parameter when cancelling content editing. The root cause is improper input handling in the affected code path, allowing remote attackers to execute arbitrary SQL commands. I...