CVE-2009-4057 – Joomla! Extension iF Portfolio Nexus - SQL Injection
https://notcve.org/view.php?id=CVE-2009-4057
SQL injection vulnerability in the inertialFATE iF Portfolio Nexus (com_if_nexus) component 1.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in an item action to index.php. Una vulnerabilidad de inyección SQL en el componente de Joomla! inertialFATE iF Portfolio Nexus (com_if_nexus) 1.1 permite a atacantes remotos ejecutar comandos SQL a través del parámetro id en una acción de elemento a index.php. • https://www.exploit-db.com/exploits/10177 http://osvdb.org/60308 http://secunia.com/advisories/37408 http://www.packetstormsecurity.org/0911-exploits/joomlanexus-sql.txt http://www.securityfocus.com/bid/37050 https://exchange.xforce.ibmcloud.com/vulnerabilities/54325 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •