CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 2CVE-2009-0379 – Joomla! Component com_pcchess - Blind SQL Injection
https://notcve.org/view.php?id=CVE-2009-0379
SQL injection vulnerability in the Prince Clan Chess Club (com_pcchess) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the game_id parameter in a showgame action to index.php, a different vector than CVE-2008-0761. Vulnerabilidad de Inyección SQL en Prince Clan Chess Club (com_pcchess), componente para Joomla!, permite a atacantes remotos ejecutar código de su elección a través del parámetro "game_id" en una acción showgame sobre index.php, es un vector diferente a CVE-2008-0761. • https://www.exploit-db.com/exploits/7846 http://www.securityfocus.com/bid/33394 https://exchange.xforce.ibmcloud.com/vulnerabilities/48144 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 7.5EPSS: 0%CPEs: 1EXPL: 1CVE-2008-0761 – Joomla! Component pcchess 0.8 - SQL Injection
https://notcve.org/view.php?id=CVE-2008-0761
SQL injection vulnerability in index.php in the Prince Clan Chess Club (com_pcchess) 0.8 and earlier component for Joomla! allows remote attackers to execute arbitrary SQL commands via the user_id parameter in a players action. Vulnerabilidad de inyección SQL en index.php en el componente Prince Clan Chess Club (com_pcchess) 0.8 y anteriores para Joomla! Permite a atacantes remotos ejecutar comandos SQL de su elección a través del parámetro user_id en una acción players. • https://www.exploit-db.com/exploits/5104 http://www.securityfocus.com/bid/27761 https://exchange.xforce.ibmcloud.com/vulnerabilities/40436 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •