CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 2CVE-2012-4868
https://notcve.org/view.php?id=CVE-2012-4868
SQL injection vulnerability in news.php in the Kunena component 1.7.2 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter. Vulnerabilidad de inyección SQL en news.php en el componente Kunena v1.7.2 para Joomla!, permite a atacantes remotos ejecutar comandos SQL de su elección a través del parámetro id. • http://exploitsdownload.com/exploit/na/kunena-20-sql-injection http://www.securityfocus.com/bid/52636 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 3CVE-2009-4550 – Joomla! Component Kunena Forums (com_kunena) - Blind SQL Injection
https://notcve.org/view.php?id=CVE-2009-4550
SQL injection vulnerability in the Kunena Forum (com_kunena) component 1.5.3 and 1.5.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the func parameter to index.php. Vulnerabilidad de inyección SQL en el componente Kunena Forum (com_kunena) v1.5.3 y v1.5.4 para Joomla! permite a atacantes remotos ejecutar comandos SQL de su elección a través del parámetro "func" a index.php. • https://www.exploit-db.com/exploits/9408 http://secunia.com/advisories/36245 http://www.exploit-db.com/exploits/9408 http://www.securityfocus.com/bid/36020 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •