CVE-2010-0461 – Joomla! Component com_casino - SQL Injection
https://notcve.org/view.php?id=CVE-2010-0461
SQL injection vulnerability in the casino (com_casino) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a (1) category or (2) player action to index.php. Vulnerabilidad de inyección SQL en el componente casino (com_casino) v1.0 para Joomla! permite a atacantes remotos comandos SQL arbitrarios a través de el parámetro "id" en la acción (1) categoría o (2) player a index.php. • https://www.exploit-db.com/exploits/11237 http://packetstormsecurity.org/1001-exploits/joomlacasino1-sql.txt http://www.exploit-db.com/exploits/11237 http://www.securityfocus.com/bid/37938 https://exchange.xforce.ibmcloud.com/vulnerabilities/55846 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVE-2009-2239 – Joomla! Component Casino 0.3.1 - Multiple SQL Injections s
https://notcve.org/view.php?id=CVE-2009-2239
SQL injection vulnerability in the (1) casinobase (com_casinobase), (2) casino_blackjack (com_casino_blackjack), and (3) casino_videopoker (com_casino_videopoker) components 0.3.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter to index.php. Vulnerabilidad de inyección SQL en los componentes (1) casinobase (com_casinobase), (2) casino_blackjack (com_casino_blackjack)y (3) casino_videopoker (com_casino_videopoker) v0.3.1 para Joomla! permite a atacantes remotos ejecutar comandos SQL de su elección a través del parámetro "Itemid" para index.php. • https://www.exploit-db.com/exploits/8743 http://www.exploit-db.com/exploits/8743 http://www.securityfocus.com/bid/35041 https://exchange.xforce.ibmcloud.com/vulnerabilities/50645 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •