2 results (0.010 seconds)

CVSS: 7.5EPSS: 0%CPEs: 3EXPL: 0

SQL injection vulnerability in the IP-Tech JQuarks (com_jquarks) Component 0.2.3, and possibly earlier, for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter to index.php. NOTE: some of these details are obtained from third party information. Vulnerabilidad de inyección SQL en el componente IP-Tech JQuarks (com_jquarks) v0.2.3 y posiblemente anteriores para Joomla! permite a atacantes remotos ejecutar comandos SQL arbitrarios a través del parámetro "id" a index.php. • http://secunia.com/advisories/38623 http://www.iptechinside.com/labs/news/show/6 http://www.osvdb.org/62332 http://www.securityfocus.com/bid/38203 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •

CVSS: 5.0EPSS: 0%CPEs: 3EXPL: 0

Unspecified vulnerability in the IP-Tech JQuarks (com_jquarks) Component before 0.2.4 for Joomla! allows attackers to obtain the installation path for Joomla! via unknown vectors. Vulnerabilidad no especificada en el componente para Joomla! IP-Tech JQuarks (com_jquarks) anteriores a la v0.2.4, permitiría a los atacantes obtener el path de instalación de Joomla! • http://www.iptechinside.com/labs/news/show/6 https://exchange.xforce.ibmcloud.com/vulnerabilities/56523 • CWE-200: Exposure of Sensitive Information to an Unauthorized Actor •