2 matches found
CVE-2013-3932
SQL injection vulnerability in the Jomres comjomres component before 7.3.1 for Joomla! allows remote authenticated users with the "Business Manager" permission to execute arbitrary SQL commands via the id parameter in an editProfile action to administrator/index.php...
CVE-2013-3932
CVE-2013-3932 affects the Jomres (com_jomres) Joomla! extension before 7.3.1. The flaw allows remote authenticated users with the Business Manager permission to inject SQL via the id parameter in an editProfile action to administrator/index.php, enabling arbitrary SQL execution and potential data...