CVE-2009-3335 – Joomla! Component Turtushout 0.11 - 'Name' SQL Injection

https://notcve.org/view.php?id=CVE-2009-3335

SQL injection vulnerability in the TurtuShout component 0.11 for Joomla! allows remote attackers to execute arbitrary SQL commands via the Name field. Vulnerabilidad de inyección SQL en el componente TurtuShout v0.11 para Joomla!, permite a atacantes remotos ejecutar comandos SQL de su elección a través del campo Name. • https://www.exploit-db.com/exploits/9653 http://www.exploit-db.com/exploits/9653 https://exchange.xforce.ibmcloud.com/vulnerabilities/53209 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •