2 matches found
joomla150beta-sql.txt
Hi, these bugs were published in full-disclosure about 2 weeks ago. CVE: CVE-2007-0373, CVE-2007-0374 and CVE-2007-0375, CVE-2007-0387. In Mambo 4.6.1 and Joomla 1.0.11 and 1.5 Beta, the 'id' parameter can cause SQL injection when cancelling content editing. Other versions may be affected too...
CVE-2007-0387
The CVE-2007-0387 issue affects the Joomla! Weblinks (com_weblinks) component, specifically in models/category.php where the catid parameter is used in SQL queries. This is a SQL injection vulnerability that could allow remote attackers to inject arbitrary SQL commands. The vulnerability is assoc...