Joomla! Component JE Messanger is vulnerable to SQL Injection. An attacker can exploit this vulnerability by sending a malicious SQL query to the vulnerable parameter 'cid[0]' in the following URLs: http://localhost/[PATH]/index.php?option=com_jemessenger&view=box_detail&folder=Inbox&task=edit&Itemid=1496&cid[0]=[SQL], http://localhost/[PATH]/index.php?option=com_jemessenger&view=box_detail&folder=Outbox&task=edit&Itemid=1496&cid[0]=[SQL], http://localhost/[PATH]/index.php?option=com_jemessenger&view=box_detail&folder=Trash&task=edit&Itemid=1496&cid[0]=[SQL].
A SQL injection vulnerability exists in Joomla! Component JE Ticket System v1.2. An attacker can exploit this vulnerability by sending a malicious SQL query to the vulnerable parameter 'cid[0]' in the 'index.php?option=com_jeticket&view=assign_detail' URL. This can allow the attacker to access or modify the affected application's data.
A SQL injection vulnerability exists in Joomla! Component JE Portfolio Creator v1.2. An attacker can exploit this vulnerability by sending malicious SQL queries to the vulnerable application. This can allow the attacker to gain access to sensitive information stored in the database, such as user credentials, or even execute arbitrary code on the server.
A SQL injection vulnerability exists in Joomla! Component JE Form Creator v1.8. An attacker can exploit this vulnerability by sending a malicious SQL query to the vulnerable application. This can allow the attacker to gain access to sensitive information stored in the database.
A SQL injection vulnerability exists in Joomla! Component JE K2 Multiple Form Story v1.3, which allows an attacker to execute arbitrary SQL commands via the 'Itemid' parameter in a 'index.php?option=com_jek2storymultipleform&view=jesubmit' URL.
A SQL injection vulnerability exists in Joomla! Component JE Grid Folio, which allows an attacker to execute arbitrary SQL commands via the 'id' parameter in a 'index.php?option=com_jegridfolio&view=category_detail' request.
A SQL injection vulnerability exists in Joomla! Component JE Quiz 2.3. An attacker can send malicious SQL queries to the application by manipulating the 'eid' and 'Itemid' parameters in the 'index.php' page.
A SQL injection vulnerability exists in Joomla! Component Hbooking 1.9.9. An attacker can send a malicious SQL query to the vulnerable parameter 'h_id' in the 'index.php' script to execute arbitrary SQL commands in the backend database.
A SQL injection vulnerability exists in Joomla! Component JE Awd Song 1.8. An attacker can send malicious SQL queries to the application by manipulating the 'id' and 'contest_id' parameters in the 'index.php' script.
A SQL injection vulnerability exists in Joomla! Component JE Auto 1.5. An attacker can send a specially crafted HTTP request to the vulnerable application in order to execute arbitrary SQL commands in the back-end database. This can potentially result in the manipulation or disclosure of application data.
Services By CQR