CVE-2008-6337 – Joomla! Component Volunteer 2.0 - SQL Injection
https://notcve.org/view.php?id=CVE-2008-6337
SQL injection vulnerability in the Volunteer Management System (com_volunteer) module 2.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the job_id parameter in a jobshow action to index.php. Vulnerabilidad de inyección SQL en el módulo Volunteer Management System (com_volunteer) v2.0 para Joomla!, permite a atacantes remotos ejecutar comandos SQL a través del parámetro job_id en una acción jobshow sobre el fichero index.php. • https://www.exploit-db.com/exploits/7546 http://secunia.com/advisories/33271 http://www.securityfocus.com/bid/32973 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVE-2008-6149 – Joomla! Component mDigg 2.2.8 - 'category' SQL Injection
https://notcve.org/view.php?id=CVE-2008-6149
SQL injection vulnerability in the mDigg (com_mdigg) component 2.2.8 for Joomla! allows remote attackers to execute arbitrary SQL commands via the cagtegory parameter in a story_lists action to index.php. Una vulnerabilidad de inyección de SQL en el componente mDigg (com_mdigg) 2.2.8 para Joomla! permite a atacantes remotos ejecutar comandos SQL a través del parámetro cagtegory en una acción story_lists en index.php. • https://www.exploit-db.com/exploits/7574 https://www.exploit-db.com/exploits/17464 http://secunia.com/advisories/33306 http://www.osvdb.org/51005 http://www.securityfocus.com/archive/1/499618/100/0/threaded http://www.securityfocus.com/bid/33009 https://exchange.xforce.ibmcloud.com/vulnerabilities/47612 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •