2 matches found
Joomla Component com_gcalendar Remote SQL Injection (CVE-2009-4099)
An SQL injection vulnerability has been reported in G4j.laoneo Com Gcalendar. An attacker could exploit this vulnerability via the gcid parameter. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...
CVE-2009-4099
The Joomla! GCalendar component (com_gcalendar) for Joomla! is affected by a SQL injection in the gcid parameter. Affected versions include GCalendar 1.1.2, 2.1.4, and possibly earlier. The root cause is improper sanitization of user-supplied input in the gcid value used to build SQL queries (mod...