CVSS: 4.3EPSS: 0%CPEs: 2EXPL: 5CVE-2010-2147 – Joomla! Component My Car 1.0 - Multiple Vulnerabilities
https://notcve.org/view.php?id=CVE-2010-2147
Cross-site scripting (XSS) vulnerability in the My Car (com_mycar) component 1.0 for Joomla! allows remote attackers to inject arbitrary web script or HTML via the modveh parameter to index.php. Vulnerabilidad de secuencias de comandos en sitios cruzados (XSS) en el componente My Car (com_mycar) v1.0 para Joomla! permite a atacantes remotos inyectar código web o HTML a través del parámetro modveh en index.php. • https://www.exploit-db.com/exploits/12779 http://osvdb.org/65000 http://secunia.com/advisories/39983 http://www.exploit-db.com/exploits/12779 http://www.securityfocus.com/bid/40430 http://www.vupen.com/english/advisories/2010/1271 http://www.xenuser.org/documents/security/joomla_com_mycar_multiple_vulnerabilities.txt https://exchange.xforce.ibmcloud.com/vulnerabilities/58976 • CWE-79: Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') •
CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 5CVE-2010-2148 – Joomla! Component My Car 1.0 - Multiple Vulnerabilities
https://notcve.org/view.php?id=CVE-2010-2148
SQL injection vulnerability in the My Car (com_mycar) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the pagina parameter to index.php. Vulnerabilidad de inyección SQL en el componente v1.0 My Car (com_mycar) para Joomla! permite a atacantes remotos ejecutar comandos aleatorios SQL a través del parámetro página en index.php • https://www.exploit-db.com/exploits/12779 http://osvdb.org/64999 http://secunia.com/advisories/39983 http://www.exploit-db.com/exploits/12779 http://www.securityfocus.com/bid/40430 http://www.vupen.com/english/advisories/2010/1271 http://www.xenuser.org/documents/security/joomla_com_mycar_multiple_vulnerabilities.txt https://exchange.xforce.ibmcloud.com/vulnerabilities/58975 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •