2 matches found
Joomla Component com_contact Info SQL Injection (CVE-2008-5494)
An SQL injection vulnerability has been reported in Digitalgreys Com Contactinfo. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...
CVE-2008-5494
The CVE-2008-5494 entry concerns a SQL injection vulnerability in the Joomla! component com_contactinfo version 1.0. The underlying issue is that the index.php handler accepts a catid parameter that can be manipulated to inject arbitrary SQL commands, enabling remote attackers to interact with th...