4 matches found
Joomla! CMS com_search Component 'searchword' Parameter RCE
The version of Joomla! running on the remote host is affected by a remote code execution vulnerability within the comsearch/views/search/tmpl/defaultresults.php script due to improper sanitization of user-supplied input to the 'searchword' parameter before passing it to the eval function. An...
Immunity Canvas: JOOMLA_EVAL
Name| joomlaeval ---|--- CVE| CVE-2007-4187 Exploit Pack| CANVAS Description| joomlaeval Notes| CVE Name: CVE-2007-4187 VENDOR: Joomla Repeatability: Infinite References: 'http://www.milw0rm.com/exploits/4212',...
CVE-2007-4187
Multiple eval injection vulnerabilities in the comsearch component in Joomla! 1.5 beta before RC1 aka Mapya allow remote attackers to execute arbitrary PHP code via PHP sequences in the searchword parameter, related to defaultresults.php in 1 components/comsearch/views/search/tmpl/ and 2...
CVE-2007-4187
CVE-2007-4187 affects Joomla! 1.5 beta before RC1 (Mapya). The vulnerability stems from multiple eval-injection flaws in the com_search component, specifically related to the searchword parameter being passed to eval() via default_results.php (1) components/com_search/views/search/tmpl/ and (2) t...