CVE-2008-4105

Published: Sep 18, 2008

Modified: Aug 7, 2024

PUBLISHED

Description

JRequest in Joomla! 1.5 before 1.5.7 does not sanitize variables that were set with JRequest::setVar, which allows remote attackers to conduct "variable injection" attacks and have unspecified other impact.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

[oss-security] 20080916 Re: CVE request: joomla < 1.5.7

mailing-list

x_refsource_MLIST

http://developer.joomla.org/security/news/271-20080901-core-jrequest-variable-injection.html

x_refsource_CONFIRM

31789

third-party-advisory

x_refsource_SECUNIA

[oss-security] 20080911 CVE request: joomla < 1.5.7

mailing-list

x_refsource_MLIST

4275

third-party-advisory

x_refsource_SREASON

joomla-jrequest-command-execution(45069)

vdb-entry

x_refsource_XF

[oss-security] 20080911 CVE request for Joomla multiple vuln.

mailing-list

x_refsource_MLIST

1020843

vdb-entry

x_refsource_SECTRACK

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now

CVE-2008-4105

Description

Affected Products

References