Lucene search
K
Catalog
Vendors
Products
Timeline
Vulnerabilities
Sources
Documentation
Blog
Glossary
FAQ
Brand assets
Assessment
Agents dashboard
Agent Scanning
API Scanning
Assessment API
Alerts
Email notifications
Webhook notifications
Alerts API
SBOM package analysis
API Reference
Support
Settings
Sign in
🔥 Daily Hot!
💪🏽 CPE Enhanced Advisories
🕶 Shadow Exploits
🕵🏼 Vulners CPE
🔐 Security news
💻 Exploit updates
📑 Blogs review
🐧 Linux vulnerabilities
🐞 Bugbounty
🤖 AI High Score
📰 CVE Feed
show all

8 matches found

seebug.org
seebug.orgadded 2014/07/01 12:0 a.m.11 views

Joomla JV Comment Extension 3.0.2 (index.php, id param) - SQL Injection

No description provided by source...

7.1AI score
Exploits0
seebug.org
seebug.orgadded 2014/02/10 12:0 a.m.29 views

Joomla! JV Comment扩展'id'参数SQL注入漏洞

BUGTRAQ ID: 64661 CVECAN ID: CVE-2014-0794 JV Comment是Joomla!的一个扩展,可以将评论系统添加到文章内。 JV Comment for Joomla!版本3.0.2,文件comjvcomment在实现上存在跨站脚本漏洞,这可使远程攻击者在comment.like操作的id参数,利用此漏洞注入任意Web脚本或HTML,从而查看、添加、修改、删除后端数据库内的信息。 0 Joomla! JV Comment 3.0.2 厂商补丁: Joomla! ------- 目前厂商已经发布了升级补丁以修复这个安全问题,请到厂商的主页下载:...

4.3CVSS6.4AI score0.00017EPSS
Exploits5
Prion
Prionadded 2014/01/26 8:55 p.m.16 views

Sql injection

SQL injection vulnerability in the JV Comment comjvcomment component before 3.0.3 for Joomla! allows remote authenticated users to execute arbitrary SQL commands via the id parameter in a comment.like action to index.php...

4.3CVSS8.4AI score0.00017EPSS
Exploits5References7Affected Software1
Cvelist
Cvelistadded 2014/01/26 8:0 p.m.23 views

CVE-2014-0794

SQL injection vulnerability in the JV Comment comjvcomment component before 3.0.3 for Joomla! allows remote authenticated users to execute arbitrary SQL commands via the id parameter in a comment.like action to index.php...

7.8AI score0.00017EPSS
Exploits5References7
CVE
CVEadded 2014/01/26 8:0 p.m.56 views

CVE-2014-0794

CVE-2014-0794 describes a SQL injection in Joomla! JV Comment (com_jvcomment) prior to 3.0.3. The vulnerability occurs in the id parameter of the comment.like action to index.php, allowing remote authenticated users to inject arbitrary SQL commands into the application's database. Affected softwa...

4.3CVSS8AI score0.00017EPSS
Exploits5References7Affected Software1
Packet Storm
Packet Stormadded 2014/01/24 12:0 a.m.62 views

Joomla JV Comment 3.0.2 SQL Injection

Advisory ID: HTB23195 Product: JV Comment Joomla Extension Vendor: joomlavi.com Vulnerable Versions: 3.0.2 and probably prior Tested Version: 3.0.2 Advisory Publication: January 2, 2014 without technical details Vendor Notification: January 2, 2014 Vendor Patch: January 14, 2014 Public Disclosure...

4.3CVSS0.2AI score0.00017EPSS
Exploits5
0day.today
0day.todayadded 2014/01/24 12:0 a.m.45 views

Joomla JV Comment 3.0.2 SQL Injection Vulnerability

Joomla JV Comment extension version 3.0.2 suffers from a remote SQL injection vulnerability. Product: JV Comment Joomla Extension Vendor: joomlavi.com Vulnerable Versions: 3.0.2 and probably prior Tested Version: 3.0.2 Advisory Publication: January 2, 2014 without technical details Vendor...

4.3CVSS7.6AI score0.00017EPSS
Exploits5
htbridge
htbridgeadded 2014/01/02 12:0 a.m.46 views

SQL Injection in JV Comment Joomla Extension

High-Tech Bridge Security Research Lab discovered SQL injection vulnerability in JV Comment Joomla Extension, which can be exploited to perform SQL Injection attacks. 1 SQL Injection in JV Comment Joomla Extension: CVE-2014-0794 The vulnerability exists due to insufficient validation of "id" HTTP...

6.5CVSS8.1AI score0.00017EPSS
Exploits5Affected Software1
Rows per page
Query Builder