2 matches found
Sql injection
SQL injection vulnerability in Joomla! 1.5 before RC2 aka Endeleo allows remote attackers to execute arbitrary SQL commands via unspecified vectors, probably related to the archive section. NOTE: this may be the same as CVE-2007-4778...
CVE-2007-4778
CVE-2007-4778 covers multiple SQL injection vulnerabilities in Joomla! 1.5 Beta1/Beta2/RC1 (com_content). The issue allows remote attackers to execute arbitrary SQL commands via the filter parameter in an archive action to models/archive.php, category.php, or section.php. The description notes th...