QwikSec

Security Database

CVE

CWE

Training

CVE-2010-4696

Published: Jan 18, 2011

Modified: Sep 17, 2024

PUBLISHED

Description

Multiple SQL injection vulnerabilities in Joomla! 1.5.x before 1.5.22 allow remote attackers to execute arbitrary SQL commands via the (1) filter_order or (2) filter_order_Dir parameter in a com_contact action to index.php, a different vulnerability than CVE-2010-4166. NOTE: the provenance of this information is unknown; the details are obtained solely from third party information.

Vendor	Product	Versions
n/a	n/a	affected `n/a`

References

[oss-security] 20101112 CVE request: Joomla 1.5.21 SQL Injection and Information Disclosure

mailing-list

x_refsource_MLIST

http://developer.joomla.org/security/news/9-security/10-core-security/323-20101101-core-sqli-info-disclosurevulnerabilities.html

x_refsource_MISC

third-party-advisory

x_refsource_SECUNIA

[oss-security] 20101112 Re: CVE request: Joomla 1.5.21 SQL Injection and Information Disclosure

mailing-list

x_refsource_MLIST

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.