CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 3CVE-2009-3325 – Joomla! Component com_surveymanager 1.5.0 - 'stype' SQL Injection
https://notcve.org/view.php?id=CVE-2009-3325
SQL injection vulnerability in the Focusplus Developments Survey Manager (com_surveymanager) component 1.5.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the stype parameter in an editsurvey action to index.php. Vulnerabilidad de inyección SQL en el componente Focusplus Developments Survey Manager(com_surveymanager) para Joomla!, permite a atacantes remotos ejecutar comandos SQL de su elección a través del parámetro "stype" en una acción "editsurvey" a index.php. • https://www.exploit-db.com/exploits/9721 http://www.exploit-db.com/exploits/9721 http://www.securityfocus.com/bid/36464 http://www.vupen.com/english/advisories/2009/2705 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •