4 matches found
CVE-2010-1522
The CVE-2010-1522 issue affects BookLibrary Basic (com_booklibrary) for Joomla! 1.5.3, where multiple SQL injections are possible via user-supplied parameters in index.php. The root cause is improper sanitization of inputs in five vectors: bid[] in lend_request/save_lend_request, id in mdownload/...
CVE-2009-3817
CVE-2009-3817 is a PHP remote file inclusion vulnerability in the BookLibrary (com_booklibrary) Joomla! component. Affected entry: version 1.0 for BookLibrary allows an attacker to execute arbitrary PHP code via a URL in the mosConfig_absolute_path parameter (remote inclusion). This vector is dis...
CVE-2010-2851
The CVE-2010-2851 entry refers to an SQL injection in the Joomla! BookLibrary From Same Author (com_booklibrary) module (version 1.5 and possibly earlier). The vulnerability is triggered via the id parameter in a view action to index.php, allowing remote attackers to execute arbitrary SQL command...
CVE-2009-2637
CVE-2009-2637 refers to a PHP remote file inclusion vulnerability in the BookLibrary (com_booklibrary) Joomla! component. The affected code path is toolbar_ext.php in the 1.5.2.4 Basic release, where an attacker can trigger arbitrary PHP code execution by supplying a URL in the mosConfig_absolute...