CVE-2006-7010

The mosgetparam implementation in Joomla! before 1.0.10, does not set a variable's data type to integer when the variable's default value is numeric, which has unspecified impact and attack vectors, which may permit SQL injection attacks...

Joomla -- multiple vulnerabilities

Joomla Site reports: Secured "Remember Me" functionality against SQL injection attacks Secured "Related Items" module against SQL injection attacks Secured "Weblinks" submission against SQL injection attacks Secured SEF from XSS vulnerability Hardened frontend submission forms against spoofing...

Sql injection

SQL injection vulnerability in Mambo 4.5.3, 4.5.3h, and possibly earlier versions allows remote attackers to execute arbitrary SQL commands via 1 the $username variable in the mosGetParam function and 2 the $task parameter in the mosMenuCheck function in a includes/mambo.php; and 3 the $filter...

CVE-2006-1794

SQL injection vulnerability in Mambo 4.5.3, 4.5.3h, and possibly earlier versions allows remote attackers to execute arbitrary SQL commands via 1 the $username variable in the mosGetParam function and 2 the $task parameter in the mosMenuCheck function in a includes/mambo.php; and 3 the $filter...