CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 3CVE-2010-0796 – Joomla! Component JE Quiz - 'eid' Blind SQL Injection
https://notcve.org/view.php?id=CVE-2010-0796
SQL injection vulnerability in the JE Quiz (com_jequizmanagement) component 1.b01 for Joomla! allows remote attackers to execute arbitrary SQL commands via the eid parameter in a question action to index.php. Vulnerabilidad de inyección SQL en el componente JE Quiz (com_jequizmanagement) v1.b01 para Joomla! permite a atacantes remotos ejecutar comandos SQL arbitrarios a través del parámetro "eid" en una acción "question" a index.php. • https://www.exploit-db.com/exploits/11287 http://osvdb.org/62039 http://packetstormsecurity.org/1001-exploits/joomlajequiz-sql.txt http://secunia.com/advisories/38412 http://www.exploit-db.com/exploits/11287 http://www.securityfocus.com/bid/38032 https://exchange.xforce.ibmcloud.com/vulnerabilities/56009 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 3CVE-2010-0795 – Joomla! Component JE Event Calendar - SQL Injection
https://notcve.org/view.php?id=CVE-2010-0795
SQL injection vulnerability in the JE Event Calendars (com_jeeventcalendar) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the event_id parameter in an event action to index.php. Vulnerabilidad de inyección SQL en el componente JE Event Calendars (com_jeeventcalendar) v1.0 para Joomla! permite a atacantes remotos ejecutar comandos SQL arbitrarios a través del parámetro "event_id" en una acción "event" a index.php. • https://www.exploit-db.com/exploits/11292 http://osvdb.org/62038 http://secunia.com/advisories/38408 http://www.exploit-db.com/exploits/11292 http://www.securityfocus.com/bid/38012 https://exchange.xforce.ibmcloud.com/vulnerabilities/56008 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •