CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 4CVE-2010-2845 – Joomla! Component QuickFAQ 1.0.3 - Blind SQL Injection
https://notcve.org/view.php?id=CVE-2010-2845
SQL injection vulnerability in the QuickFAQ (com_quickfaq) component 1.0.3 for Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter in a category action to index.php. Vulnerabilidad de inyección SQL en el componente QuickFAQ (com_quickfaq) 1.0.3 para Joomla! permite a atacantes remotos ejecutar comandos SQL de su elección a través del parámetro "Itemid" en una acción category a index.php. • https://www.exploit-db.com/exploits/14296 http://packetstormsecurity.org/1007-exploits/joomlaquickfaq-sql.txt http://www.exploit-db.com/exploits/14296 http://www.securityfocus.com/bid/41508 https://exchange.xforce.ibmcloud.com/vulnerabilities/60236 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •