CVE-2010-1372 – Joomla! Component HD FLV Player - 'id' SQL Injection
https://notcve.org/view.php?id=CVE-2010-1372
SQL injection vulnerability in the HD FLV Player (com_hdflvplayer) component 1.3 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php. Una vulnerabilidad de inyección SQL en el componente reproductor de HD FLV (com_hdflvplayer) v1.3 de Joomla! permite a atacantes remotos ejecutar comandos SQL a través del parámetro id en index.php. • https://www.exploit-db.com/exploits/33673 http://osvdb.org/62570 http://packetstormsecurity.org/1002-exploits/joomlahdflvplayer-sql.txt http://secunia.com/advisories/38691 http://www.securityfocus.com/bid/38401 https://exchange.xforce.ibmcloud.com/vulnerabilities/56516 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •