vendor:
Joomla
by:
TR-ShaRk
8.5
CVSS
HIGH
SQL-injection
89
CWE
Product Name: Joomla
Affected Version From: 1.3.2001
Affected Version To: 1.3.2001
Patch Exists: NO
Related CWE: N/A
CPE: a:joomla:joomla
Metasploit:
N/A
Other Scripts:
N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References:
N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2008
Joomla com_marketplace(catid) SQL-injection vulnerability
A vulnerability in the Joomla com_marketplace module allows an attacker to inject arbitrary SQL commands via the 'catid' parameter. An attacker can exploit this vulnerability to gain access to sensitive information such as usernames and passwords stored in the database.
Mitigation:
Ensure that user input is properly sanitized and validated before being used in SQL queries.