CVE-2010-4902 – Joomla! Component Clantools 1.2.3 - Multiple Blind SQL Injections
https://notcve.org/view.php?id=CVE-2010-4902
Multiple SQL injection vulnerabilities in the Clantools (com_clantools) component 1.2.3 for Joomla! allow remote attackers to execute arbitrary SQL commands via the (1) squad or (2) showgame parameter to index.php. Múltiples vulnerabilidades de inyección SQL en el componente Clantools (com_clantools) v1.2.3 para Joomla! permite a atacantes remotos ejecutar comandos SQL de su elección a través de (1) squad o (2) parámetro showgame en index.php. • https://www.exploit-db.com/exploits/14902 https://www.exploit-db.com/exploits/14901 http://packetstormsecurity.org/1009-exploits/joomlaclantools-sql.txt http://secunia.com/advisories/41322 http://securityreason.com/securityalert/8440 http://www.exploit-db.com/exploits/14902 http://www.osvdb.org/67827 http://www.securityfocus.com/bid/42986 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •