4 matches found
EUVD-2007-0376
Malware in sbrugna...
Sql injection
Multiple eval injection vulnerabilities in the comsearch component in Joomla! 1.5 beta before RC1 aka Mapya allow remote attackers to execute arbitrary PHP code via PHP sequences in the searchword parameter, related to defaultresults.php in 1 components/comsearch/views/search/tmpl/ and 2...
SEC Consult SA-20070722-0 :: Remote command execution in Joomla! CMS
SEC Consult Security Advisory 20070722-0 ======================================================================= title: Remote command execution in Joomla! CMS program: Joomla! vulnerable version: 1.5 beta 2 Earlier 1.5 versions may be vulnerable too! impact: critical homepage:...
joomla150beta-sql.txt
Hi, These bugs were published in full-disclosure about 2 weeks ago CVE : CVE-2007-0373, CVE-2007-0374 and CVE-2007-0375, CVE-2007-0387 . In Mambo 4.6.1 and Joomla 1.0.11 and 1.5 Beta , the 'id' parameter can cause sql injection when cancelling content editting . Other versions maybe affected too...