CVE-2008-6653 – Joomla! Component Webhosting - 'catid' Blind SQL Injection

https://notcve.org/view.php?id=CVE-2008-6653

07 Apr 2009 — SQL injection vulnerability in webhosting.php in the Webhosting Component (com_webhosting) module before 1.1 RC7 for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the catid parameter to index.php. Vulnerabilidad de inyección SQL en webhosting.php en el modulo Webhosting (com_webhosting) anteriores a v1.1 RC7 para Joomla! y Mambo permite a atacantes remotos ejecutar comando SQL de forma arbitraria a través del parámetro "catid" a index.php. • https://www.exploit-db.com/exploits/5527 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •