9 matches found
EUVD-2013-7002
Malware in sbrugna...
Joomla Plugin SexyPolling 2.1.7 - SQLi
Exploit Title: Joomla Plugin SexyPolling 2.1.7 - SQLi Google Dork: intext:"Powered by Sexy Polling" Date: 2022-02-08 Exploit Author: Wolfgang Hotwagner Vendor Homepage: https://2glux.com/projects/sexypolling Software Link: https://2glux.com/downloads/files/free/sexypollingpack2.1.72glux.com.zip...
Joomla Sexy Polling 2.1.7 SQL Injection Vulnerability
SexyPolling SQL Injection ==================== | Target: | Sexy Polling Joomla Extension | | Vendor: | 2glux | | Version: | all versions below version 2.1.8 | | CVE: | Not yet | | Accessibility: | Remote | | Severity: | Critical | | Author: | Wolfgang Hotwagner AIT Austrian Institute of Technolog...
Sql injection
SQL injection vulnerability in vote.php in the 2Glux Sexy Polling comsexypolling component before 1.0.9 for Joomla! allows remote attackers to execute arbitrary SQL commands via the answerid parameter...
CVE-2013-7219
CVE-2013-7219 affects the Joomla! Sexy Polling extension (com_sexypolling) by 2GLux. The vulnerability is an SQL injection in vote.php caused by insufficient validation of the POST parameter answer_id[]. This allows remote attackers to execute arbitrary SQL commands against the application's data...
Joomla! Component Sexy polling 1.0.8 - answer_id SQL Injection
Joomla! Component Sexy polling 1.0.8 - answerid SQL Injection source: https://www.securityfocus.com/bid/64991/info Sexy polling extension for Joomla! is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting...
Joomla Sexy Polling 1.0.8 SQL Injection
Advisory ID: HTB23193 Product: Sexy Polling Joomla Extension Vendor: 2GLux Vulnerable Versions: 1.0.8 and probably prior Tested Version: 1.0.8 Advisory Publication: December 26, 2013 without technical details Vendor Notification: December 26, 2013 Vendor Patch: January 8, 2014 Public Disclosure:...
Joomla! Component Sexy polling 1.0.8 - 'answer_id' SQL Injection
source: https://www.securityfocus.com/bid/64991/info Sexy polling extension for Joomla! is prone to an SQL-injection vulnerability because it fails to sufficiently sanitize user-supplied data before using it in an SQL query. Exploiting this issue could allow an attacker to compromise the...
SQL Injection in Sexy Polling Joomla Extension
High-Tech Bridge Security Research Lab discovered vulnerability in Sexy Polling Joomla Extension, which can be exploited to perform SQL Injection attacks. 1 SQL Injection in Sexy Polling Joomla Extension: CVE-2013-7219 The vulnerability exists due to insufficient validation of "answerid" HTTP POS...