CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 5CVE-2010-1468 – Joomla! Component Multi-Venue Restaurant Menu Manager 1.5.2 - SQL Injection
https://notcve.org/view.php?id=CVE-2010-1468
SQL injection vulnerability in the Multi-Venue Restaurant Menu Manager (aka MVRMM or com_mv_restaurantmenumanager) component 1.5.2 Stable Update 3 and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the mid parameter in a menu_display action to index.php. Vulnerabilidad de inyección SQL en el comoponente Multi-Venue Restaurant Menu Manager (también conocido como MVRMM o com_mv_restaurantmenumanager) v1.5.2 Stable Update 3 y anteriores para Joomla!, permite a atacantes remotos ejecutar comandos SQL de su elección a través del parámetro "mid" en una acción menu_display sobre index.php. • https://www.exploit-db.com/exploits/12159 http://packetstormsecurity.org/1004-exploits/joomlamvrmm-sql.txt http://secunia.com/advisories/39217 http://www.exploit-db.com/exploits/12159 http://www.securityfocus.com/bid/39382 http://www.xenuser.org/documents/security/joomla_com_MVRMM_sql.txt • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 3CVE-2009-3325 – Joomla! Component com_surveymanager 1.5.0 - 'stype' SQL Injection
https://notcve.org/view.php?id=CVE-2009-3325
SQL injection vulnerability in the Focusplus Developments Survey Manager (com_surveymanager) component 1.5.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the stype parameter in an editsurvey action to index.php. Vulnerabilidad de inyección SQL en el componente Focusplus Developments Survey Manager(com_surveymanager) para Joomla!, permite a atacantes remotos ejecutar comandos SQL de su elección a través del parámetro "stype" en una acción "editsurvey" a index.php. • https://www.exploit-db.com/exploits/9721 http://www.exploit-db.com/exploits/9721 http://www.securityfocus.com/bid/36464 http://www.vupen.com/english/advisories/2009/2705 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •