2 matches found
CVE-2009-3155
CVE-2009-3155 describes a cross-site scripting (XSS) vulnerability in the gmap.php file of the Almond Classifieds component (com_aclassf) version 7.5 for Joomla!, allowing remote attackers to inject arbitrary script via the addr parameter. Public references include exploitation coverage (Exploit-...
CVE-2009-3154
The provided details identify CVE-2009-3154 as a SQL injection in the Joomla! Almond Classifieds extension (com_aclassf) version 7.5. The vulnerability is exploitable via the replid parameter in a manw_repl add_form action to index.php, enabling remote execution of arbitrary SQL commands. The con...