1 results (0.010 seconds)

CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 2

SQL injection vulnerability in the Lucy Games (com_lucygames) component 1.5.4 for Joomla! allows remote attackers to execute arbitrary SQL commands via the gameid parameter in a game action to index.php. NOTE: some of these details are obtained from third party information. Vulnerabilidad de inyección SQL en el componente Lucy Games (com_lucygames) v1.5.4 de Joomla!. Permite a usuarios remotos ejecutar comandos SQL de su elección a través de el parámetro "gameid" en una acción "game" de index.php. • http://www.exploit-db.com/exploits/9614 http://www.securityfocus.com/bid/36334 https://exchange.xforce.ibmcloud.com/vulnerabilities/53117 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •