CVE-2010-4862
CVE-2010-4862 describes an SQL injection in the Joomla! extension JExtensions JE Directory (com_jedirectory) version 1.0, where an attacker can abuse the catid parameter in an item action to index.php to execute arbitrary SQL. The root cause is unsanitized SQL input in the affected component. Aff...