CVE-2008-2093 – Joomla! Component Community Builder 1.0.1 - Blind SQL Injection

https://notcve.org/view.php?id=CVE-2008-2093

SQL injection vulnerability in the Profiler (com_comprofiler) component in Community Builder for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the user parameter in a userProfile action to index.php. Vulnerabilidad de inyección SQL en el componente Profiler (com_comprofiler) en Community Builder para Mambo y Joomla! permite a atacantes remotos ejecutar comandos SQL de su elección mediante el parámetro user en una acción userProfile a index.php. • https://www.exploit-db.com/exploits/5491 http://www.securityfocus.com/bid/28911 https://exchange.xforce.ibmcloud.com/vulnerabilities/42008 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •