Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2007-4778

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2007-4778
Last Modified 05 Feb 2009 12:00:00
Published 10 Sep 2007 05:17:00
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2007-4778

Summary

Multiple SQL injection vulnerabilities in the content component (com_content) in Joomla! 1.5 Beta1, Beta2, and RC1 allow remote attackers to execute arbitrary SQL commands via the filter parameter in an archive action to (1) archive.php, (2) category.php, or (3) section.php in models/. NOTE: this may be the same as CVE-2007-4777.

Vulnerable Systems

Application

  • Joomla 1.5.0 Beta1

  • Joomla 1.5.0 Beta2

  • Joomla 1.5.0 Rc1


References

XF - joomla-filter-sql-injection(36423)

BID - 25508

MISC - http://www.joomla.org/content/view/3831/1/

OSVDB - 39072

OSVDB - 39071

OSVDB - 39070

MISC - http://downloads.securityfocus.com/vulnerabilities/exploits/25508.php


Last Updated: 27 May 2016 10:45:58