CVE-2008-0721 – Mambo Component Sermon 0.2 - 'gid' SQL Injection
https://notcve.org/view.php?id=CVE-2008-0721
SQL injection vulnerability in index.php in the Sermon (com_sermon) 0.2 component for Mambo allows remote attackers to execute arbitrary SQL commands via the gid parameter. Vulnerabilidad de inyección SQL en index.php en el componente Sermon (com_sermon) 0.2 para Mambo permite a atacantes remotos ejecutar comandos SQL de su elección a través del parámetro gid. • https://www.exploit-db.com/exploits/5076 http://www.securityfocus.com/bid/27673 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVE-2008-0686 – Joomla! Component NeoReferences 1.3.1 - 'catid' SQL Injection
https://notcve.org/view.php?id=CVE-2008-0686
SQL injection vulnerability in index.php in the NeoReferences (com_neoreferences) 1.3.1 and 1.3.3 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter. Vulnerabilidad de inyección SQL en index.php en el componente NeoReferences (com_neoreferences) 1.3.1 y 1.3.3 para Joomla! permite a atacantes remotos ejecutar comandos SQL de su elección a través del parámetro catid. • https://www.exploit-db.com/exploits/5034 http://secunia.com/advisories/28736 http://www.securityfocus.com/bid/27564 https://exchange.xforce.ibmcloud.com/vulnerabilities/40167 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVE-2008-0652 – Mambo Component com_downloads - SQL Injection
https://notcve.org/view.php?id=CVE-2008-0652
SQL injection vulnerability in index.php in the Downloads (com_downloads) component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the filecatid parameter in a selectfolder action. Vulnerabilidad de inyección SQL en index.php en el componente Downloads (com_dowlnloads) para Mambo and Joomla! permite a atacantes remotos ejecutar comandos SQL de su elección a través del parámetro filecatid en la acción selectfolder. • https://www.exploit-db.com/exploits/5073 http://www.securityfocus.com/bid/27648 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVE-2008-0607
https://notcve.org/view.php?id=CVE-2008-0607
SQL injection vulnerability in index.php in the Sigsiu Online Business Index 2 (SOBI2, com_sobi2) 2.5.3 component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the catid parameter. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information. Vulnerabilidad de inyección SQL en index.php en el componente Sigsiu Online Business Index 2 (SOBI2, com_sobi2) 2.5.3 para Joomla! y Mambo. • http://www.securityfocus.com/bid/27617 https://www.exploit-db.com/exploits/5038 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVE-2008-0603 – Mambo Component 'com_awesom' 0.3.2 - 'listid' SQL Injection
https://notcve.org/view.php?id=CVE-2008-0603
SQL injection vulnerability in index.php in the amazOOP Awesom! (com_awesom) 0.3.2component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the listid parameter in a viewlist task. Vulnerabilidad de inyección de código SQL en index.php en el componente amazOOP Awesom! (com_awesom) 0.3.2 para Mambo y Joomla!. • https://www.exploit-db.com/exploits/5058 http://www.securityfocus.com/bid/27607 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •