Joomla! Component Solidres 2.5.1 is vulnerable to SQL Injection. An attacker can inject malicious SQL queries via the 'location', 'checkin', 'checkout', 'room_quantity', 'room_opt[1][adults]', 'room_opt[1][children]', 'task', 'start', 'Itemid', '9f3d70a896d5f1332174599ecac43607', 'ordering', 'direction', and 'type_id' parameters in the 'index.php/en/component/solidres/' URL. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.
A SQL injection vulnerability exists in Joomla! Component Smart Shoutbox 3.0.0. An attacker can send a malicious SQL query to the vulnerable parameter 'shoutauthor' in the 'archive' page of the component. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. Successful exploitation of this vulnerability may allow an attacker to compromise the application, access or modify data, or exploit vulnerabilities in the underlying database implementation.
Joomla! Component SimpleCalendar 3.1.9 is vulnerable to SQL Injection. An attacker can exploit this vulnerability to inject malicious SQL queries into the application and gain access to sensitive data. The vulnerability exists due to insufficient sanitization of user-supplied input in the 'catid' parameter of the 'index.php' script. An attacker can exploit this vulnerability by sending a specially crafted HTTP request with malicious SQL code to the vulnerable application. Successful exploitation of this vulnerability can result in unauthorized access to sensitive data, modification of data, and even server compromise.
Joomla! Component Realpin version 1.5.04 and below is vulnerable to SQL Injection. An attacker can exploit this vulnerability by sending a malicious SQL query to the vulnerable parameter 'pinboard' in the 'index.php' file. This can allow the attacker to gain access to the database and execute malicious code.
Joomla! Component Project Log 1.5.3 is vulnerable to SQL Injection. An attacker can inject malicious SQL queries via the 'search' parameter in the 'index.php' file. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code. This can be used to bypass authentication and gain access to unauthorized data.
Joomla! Component NeoRecruit 4.1 is vulnerable to SQL Injection. An attacker can exploit this vulnerability by sending a crafted SQL query to the vulnerable parameter. This can allow the attacker to gain access to sensitive information from the database.
A SQL injection vulnerability exists in Joomla! Component MediaLibrary Free 4.0.12. An attacker can send a malicious SQL query to the vulnerable parameter 'id' in 'index.php?option=com_medialibrary&task=view_author&id=[SQL]' and 'mid[0]' in 'index.php/component/medialibrary/0/lend_request?Itemid=0&mid[0]=[SQL]' to execute arbitrary SQL commands in application's database.
Joomla! Component JTicketing 2.0.16 is vulnerable to SQL Injection. An attacker can inject malicious SQL queries via the 'filter_creator' parameter in the 'index.php' file. This can be exploited to bypass authentication and gain access to the application.
Joomla! Component JS Jobs 1.1.9 is vulnerable to SQL Injection. An attacker can inject malicious SQL queries via the 'zipcode' and 'ta' parameters in the 'index.php' script. This can be exploited to bypass authentication and disclose sensitive information from the database.
Joomla! Component JS Autoz 1.0.9 is vulnerable to SQL Injection. An attacker can exploit this vulnerability by sending malicious SQL queries to the vulnerable parameter. This can be exploited to gain access to the database and execute malicious code.
Services By CQR