CVE-2010-4937 – Joomla! Component Amblog 1.0 - Multiple SQL Injections

https://notcve.org/view.php?id=CVE-2010-4937

Multiple SQL injection vulnerabilities in the Amblog (com_amblog) component 1.0 for Joomla! allow remote attackers to execute arbitrary SQL commands via the (1) articleid or (2) catid parameter to index.php. Vulnerabilidad de inyección SQL en el componente Amblog (com_amblog) v1.0 para Joomla!, permite a atacantes remotos ejecutar comandos SQL de su elección a través del parámetro (1) articleid o (2) catid sobre index.php. • https://www.exploit-db.com/exploits/14596 http://adv.salvatorefresta.net/Amblog_1.0_Joomla_Component_Multiple_SQL_Injection_Vulnerabilities-10082010.txt http://secunia.com/advisories/40932 http://securityreason.com/securityalert/8456 http://www.exploit-db.com/exploits/14596 http://www.securityfocus.com/archive/1/512975/100/0/threaded • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •