2 matches found
Joomla ECommerce-WD 1.2.5 SQL Injection
Version 1.2.5 of the ECommerce-WD plugin for Joomla! has multiple unauthenticated SQL injections available via the advanced search functionality. http://extensions.joomla.org/extension/ecommerce-wd The vulnerable parameters are searchcategoryid, sortorder, and filtermanufacturerids within the...
Joomla! Component ECommerce-WD 1.2.5 - SQL Injection
Version 1.2.5 of the ECommerce-WD plugin for Joomla! has multiple unauthenticated SQL injections available via the advanced search functionality. http://extensions.joomla.org/extension/ecommerce-wd The vulnerable parameters are searchcategoryid, sortorder, and filtermanufacturerids within the...