CVE-2017-8917 – Joomla! 3.7.0 - 'com_fields' SQL Injection
https://notcve.org/view.php?id=CVE-2017-8917
SQL injection vulnerability in Joomla! 3.7.x before 3.7.1 allows attackers to execute arbitrary SQL commands via unspecified vectors. Una vulnerabilidad de inyección SQL en Joomla! 3.7.x versiones anteriores a 3.7.1 permite a los atacantes ejecutar comandos SQL arbitrarios a través de vectores no especificados. The Joomla version 3.7.0 fields component suffers from a remote SQL injection vulnerability. • https://www.exploit-db.com/exploits/42033 https://www.exploit-db.com/exploits/44358 https://github.com/brianwrf/Joomla3.7-SQLi-CVE-2017-8917 https://github.com/gmohlamo/CVE-2017-8917 https://github.com/AkuCyberSec/CVE-2017-8917-Joomla-370-SQL-Injection https://github.com/Siopy/CVE-2017-8917 https://github.com/BaptisteContreras/CVE-2017-8917-Joomla http://www.securityfocus.com/bid/98515 http://www.securitytracker.com/id/1038522 https://developer.joomla.org/security-centre/692& • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •