4 matches found
Joomla! SQL Injection (CVE-2018-8045)
An SQL injection vulnerability exists in Joomla!. Successful exploitation of this vulnerability would allow a remote attacker to execute arbitrary SQL commands on the affected system...
CVE-2018-8045
creationtimestamp| type| source ---|---|--- 2021-01-07 21:17:36+00:00| published-proof-of-concept| Telegram/ELp7-iIDiecmdH1RYNFuXslf5yrqKKOhnw0CBvUrc8AgfQ 2023-10-25 07:54:46+00:00| published-proof-of-concept| https://t.me/CyberSecurityTechnologies/22 2024-11-14 06:07:31+00:00| seen|...
Joomla内核SQL注入漏洞(CVE-2018-8045)
作者:绿盟科技 来源: CVE-2018-8045 漏洞简介 漏洞具体情况可参见绿盟科技安全威胁周报-201812周 Joomla! Core SQL注入漏洞: NSFOCUS ID:39158 CVE ID:CVE-2018-8045 受影响版本:Joomla! Joomla! 3.5.0-3.8.5 漏洞点评:Joomla是一套网站内容管理系统,使用PHP语言和MySQL数据库开发。Joomla! 3.5.0 -3.8.5版本对SQL语句内的变量缺少类型转换,导致User Notes列表视图内SQL注 入漏洞,可使攻击者访问或修改数据等。目前厂商已经发布了升级补丁,修复了这个...
CVE-2018-8045
CVE-2018-8045 affects Joomla! versions 3.5.0 through 3.8.5, where a lack of type casting in a SQL statement in the User Notes list view enables an SQL injection vulnerability. Exploitation could allow a remote attacker to execute arbitrary SQL commands on the affected system (per connected adviso...