CVE-2010-4927 – Joomla! Component Restaurant Guide 1.0.0 - Multiple Vulnerabilities
https://notcve.org/view.php?id=CVE-2010-4927
SQL injection vulnerability in the Restaurant Guide (com_restaurantguide) component 1.0.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a country action to index.php. Vulnerabilidad de inyección SQL en el componente Restaurant Guide (com_restaurantguide) v1.0.0 para Joomla!, permite a atacantes remotos ejecutar comandos SQL de su elección a través del parámetro id en una acción "country" sobre index.php. • https://www.exploit-db.com/exploits/15040 http://packetstormsecurity.org/1009-exploits/joomlarestaurantguide-sqlxsslfi.txt http://securityreason.com/securityalert/8458 http://www.exploit-db.com/exploits/15040 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVE-2010-4928 – Joomla! Component Restaurant Guide 1.0.0 - Multiple Vulnerabilities
https://notcve.org/view.php?id=CVE-2010-4928
Cross-site scripting (XSS) vulnerability in the Restaurant Guide (com_restaurantguide) component 1.0.0 for Joomla! allows remote attackers to inject arbitrary web script or HTML by placing it after a > (greater than) character. Vulnerabilidad de ejecución de secuencias de comandos en sitios cruzados (XSS) en el componente Restaurant Guide (com_restaurantguide) v1.0.0 para Joomla!, permite a atacantes remotos inyectar secuencias de comandos web o HTML situándolo después del caracter > (mayor que) • https://www.exploit-db.com/exploits/15040 http://packetstormsecurity.org/1009-exploits/joomlarestaurantguide-sqlxsslfi.txt http://securityreason.com/securityalert/8458 http://www.exploit-db.com/exploits/15040 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVE-2010-2921 – Joomla! Component Golf Course Guide 0.9.6.0 - SQL Injection
https://notcve.org/view.php?id=CVE-2010-2921
SQL injection vulnerability in the Golf Course Guide (com_golfcourseguide) component 0.9.6.0 beta and 1 beta for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a golfcourses action to index.php. Vulnerabilidad de inyección SQL en el componente Golf Course Guide (com_golfcourseguide) v0.9.6.0 beta y 1 beta de Joomla! permite a atacantes remotos ejecutar comandos SQL de su elección a través del parámetro id en una acción golfcourses a index.php. • https://www.exploit-db.com/exploits/14448 http://packetstormsecurity.org/1007-exploits/joomlagolfcourseguide-sql.txt http://www.exploit-db.com/exploits/14448 https://exchange.xforce.ibmcloud.com/vulnerabilities/60608 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •