Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2005-3772

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2005-3772
Last Modified 07 Mar 2011 09:27:09
Published 22 Nov 2005 07:03:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2005-3772

Summary

Multiple SQL injection vulnerabilities in Joomla! before 1.0.4 allow remote attackers to execute arbitrary SQL commands via the (1) Itemid variable in the Polls modules and (2) multiple unspecified methods in the mosDBTable class.

Vulnerable Systems

Application

  • Joomla 1.0

  • Joomla 1.0.1

  • Joomla 1.0.2

  • Joomla 1.0.3


References

BID - 15526

SECUNIA - 17675

XF - joomla-mosdbtable-sql-injection(23178)

XF - joomla-modpoll-sql-injection(23177)

VUPEN - ADV-2005-2526

OSVDB - 21043

OSVDB - 21042

CONFIRM - http://www.joomla.org/content/view/499/66/


Last Updated: 27 May 2016 10:41:02