CVE-2010-4927 – Joomla! Component Restaurant Guide 1.0.0 - Multiple Vulnerabilities
https://notcve.org/view.php?id=CVE-2010-4927
SQL injection vulnerability in the Restaurant Guide (com_restaurantguide) component 1.0.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a country action to index.php. Vulnerabilidad de inyección SQL en el componente Restaurant Guide (com_restaurantguide) v1.0.0 para Joomla!, permite a atacantes remotos ejecutar comandos SQL de su elección a través del parámetro id en una acción "country" sobre index.php. • https://www.exploit-db.com/exploits/15040 http://packetstormsecurity.org/1009-exploits/joomlarestaurantguide-sqlxsslfi.txt http://securityreason.com/securityalert/8458 http://www.exploit-db.com/exploits/15040 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVE-2010-4928 – Joomla! Component Restaurant Guide 1.0.0 - Multiple Vulnerabilities
https://notcve.org/view.php?id=CVE-2010-4928
Cross-site scripting (XSS) vulnerability in the Restaurant Guide (com_restaurantguide) component 1.0.0 for Joomla! allows remote attackers to inject arbitrary web script or HTML by placing it after a > (greater than) character. Vulnerabilidad de ejecución de secuencias de comandos en sitios cruzados (XSS) en el componente Restaurant Guide (com_restaurantguide) v1.0.0 para Joomla!, permite a atacantes remotos inyectar secuencias de comandos web o HTML situándolo después del caracter > (mayor que) • https://www.exploit-db.com/exploits/15040 http://packetstormsecurity.org/1009-exploits/joomlarestaurantguide-sqlxsslfi.txt http://securityreason.com/securityalert/8458 http://www.exploit-db.com/exploits/15040 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •