CVE-2009-4599 – Joomla! Component com_jsjobs 1.0.5.6 - SQL Injection

https://notcve.org/view.php?id=CVE-2009-4599

Multiple SQL injection vulnerabilities in the JS Jobs (com_jsjobs) component 1.0.5.6 for Joomla! allow remote attackers to execute arbitrary SQL commands via (1) the md parameter in an employer view_company action to index.php or (2) the oi parameter in an employer view_job action to index.php. Múltiples vulnerabilidades de inyección SQL en el componente JS Jobs (com_jsjobs) v1.0.5.6 para Joomla! permite a atacantes remotos ejecutar comandos SQL de forma arbitraria a través de (1) el parámetro "md" en una acción "employer view_company" a index.php o (2) el parámetro "oi" en una acción "employer view_company" a index.php. • https://www.exploit-db.com/exploits/10366 https://www.exploit-db.com/exploits/12822 http://packetstormsecurity.org/0912-exploits/joomlajobs-sql.txt http://www.exploit-db.com/exploits/10366 http://www.securityfocus.com/bid/37281 https://exchange.xforce.ibmcloud.com/vulnerabilities/54663 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •