QwikSec

Security Database

CVE

CWE

Training

CVE Database
/

CVE-2010-4838

Back to search

CVE-2010-4838

Published: Sep 13, 2011

Modified: Aug 7, 2024

PUBLISHED

Description

SQL injection vulnerability in the JSupport (com_jsupport) component 1.5.6 for Joomla! allows remote authenticated users, with Public Back-end permissions, to execute arbitrary SQL commands via the alpha parameter in a (1) listTickets or (2) listFaqs action to administrator/index.php.

VendorProductVersions

n/a

n/a

affected
n/a

References

42262
third-party-advisory
x_refsource_SECUNIA
15502
exploit
x_refsource_EXPLOIT-DB
8379
third-party-advisory
x_refsource_SREASON

Security Training

Train your team to recognize and prevent security threats with our comprehensive security awareness program.

Start Training

Vulnerability Scanning

Discover vulnerabilities in your applications and infrastructure before attackers do.

Scan Now