7 matches found
CVE-2017-20281
Joomla! Component Extra Search 2.2.8 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the establename parameter. Attackers can send GET requests to index.php with the option=comextrasearch parameter and...
CVE-2017-20281 Joomla! Component Extra Search 2.2.8 SQL Injection
Joomla! Component Extra Search 2.2.8 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the establename parameter. Attackers can send GET requests to index.php with the option=comextrasearch parameter and...
EUVD-2017-19008
Joomla! Component Extra Search 2.2.8 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the establename parameter. Attackers can send GET requests to index.php with the option=comextrasearch parameter and...
CVE-2017-20281
Joomla! Component Extra Search 2.2.8 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the establename parameter. Attackers can send GET requests to index.php with the option=comextrasearch parameter and...
CVE-2017-20281
Joomla! Component Extra Search 2.2.8 contains an SQL injection vulnerability in the establename parameter (index.php?option=com_extrasearch). The issue allows unauthenticated attackers to manipulate database queries and extract sensitive information. Evidence in CVE records and AttackerKB confirm...
PT-2026-50962
Name of the Vulnerable Software and Affected Versions Joomla! Component Extra Search version 2.2.8 Description An SQL injection allows unauthenticated attackers to manipulate database queries by injecting SQL code. This is achieved by sending GET requests to the 'index.php' endpoint using the...
Joomla! Component Extra Search 2.2.8 - establename SQL Injection
Joomla! Component Extra Search 2.2.8 - establename SQL Injection Exploit Title: Joomla! Component Extra Search v2.2.8 - SQL Injection Google Dork: N/A Date: 21.03.2017 Vendor Homepage: http://www.joomlaboat.com/ Software: http://www.joomlaboat.com/extra-search Demo: http://www.joomlaboat.com/...