vendor:
com_job
by:
Palyo34
9
CVSS
HIGH
SQL Injection
89
CWE
Product Name: com_job
Affected Version From: N/A
Affected Version To: N/A
Patch Exists: NO
Related CWE: N/A
CPE: N/A
Metasploit:
N/A
Other Scripts:
N/A
Tags: N/A
CVSS Metrics: N/A
Nuclei References:
N/A
Nuclei Metadata: N/A
Platforms Tested: N/A
2009
Joomla Component com_job ( showMoreUse) SQL injection vulnerability
A SQL injection vulnerability exists in the Joomla Component com_job ( showMoreUse) which allows an attacker to execute arbitrary SQL commands on the underlying database. The vulnerability is due to insufficient sanitization of user-supplied input in the 'id' parameter of the 'showMoreUser' task. An attacker can exploit this vulnerability by sending a specially crafted HTTP request containing malicious SQL commands to the vulnerable application. Successful exploitation of this vulnerability can allow an attacker to gain access to sensitive information stored in the database, modify or delete data, or even execute arbitrary system commands.
Mitigation:
Input validation should be used to ensure that user-supplied input is properly sanitized. Additionally, the application should be configured to use parameterized queries.
