A SQL injection vulnerability exists in Joomla! Component JquickContact 1.3.2.2.1. An attacker can send a malicious HTTP request to the vulnerable application in order to execute arbitrary SQL commands in the back-end database.
Joomla! Component JomEstate PRO version 3.7 and below is vulnerable to SQL Injection. An attacker can exploit this vulnerability by sending a malicious SQL query to the vulnerable parameter 'id' in the 'index.php' page. This can allow the attacker to access sensitive information from the database.
Joomla! Component JGive 2.0.9 is vulnerable to SQL Injection. An attacker can inject malicious SQL queries via the 'filter_org_ind_type' and 'campaign_countries' parameters in the 'index.php' and 'more/campaigns-in-pin-display/campaigns/all/search/' scripts, respectively. This can be exploited to manipulate SQL queries by injecting arbitrary SQL code.
A SQL injection vulnerability exists in Joomla! Component JB Bus 2.3, which allows an attacker to execute arbitrary SQL commands via the 'order_number' parameter in the 'index.php' script.
Joomla! Component InviteX 3.0.5 is vulnerable to SQL Injection. An attacker can exploit this vulnerability by sending a maliciously crafted HTTP request to the vulnerable application. This can allow the attacker to execute arbitrary SQL commands on the underlying database, potentially allowing for the retrieval of sensitive data from the database.
Joomla! Component Gallery WD 1.3.6 is vulnerable to SQL Injection. An attacker can inject malicious SQL queries via the 'tag_id' and 'gallery_id' parameters in the 'index.php' page. This can be exploited to read, modify or delete data from the database, or to execute arbitrary system commands.
Joomla! Component Form Maker 3.6.12 is vulnerable to SQL Injection. An attacker can exploit this vulnerability to gain access to sensitive information stored in the database. The vulnerability exists due to insufficient sanitization of user-supplied input in the 'id' and 'from' parameters of the 'index.php' script. An attacker can send a maliciously crafted HTTP request to the vulnerable script and execute arbitrary SQL commands in the context of the web application. This can allow the attacker to access or modify data in the back-end database.
Joomla! Component File Download Tracker 3.0 is vulnerable to SQL Injection. An attacker can exploit this vulnerability by sending a malicious SQL query to the vulnerable parameter 'dynfield[phone]' in the 'index.php' page or by sending a malicious SQL query to the vulnerable parameter 'sess' in the 'download' page. This can allow an attacker to gain access to the underlying database and execute arbitrary SQL commands.
Joomla! Component Fastball 2.5 is vulnerable to SQL Injection. An attacker can exploit this vulnerability by sending a crafted HTTP request with malicious SQL code to the vulnerable application. This can allow the attacker to gain access to sensitive information stored in the database.
A SQL injection vulnerability exists in Joomla! Component DT Register 3.2.7. An attacker can send a malicious SQL query to the vulnerable parameter 'id' in the 'index.php' file to execute arbitrary SQL commands in the application's database.
Services By CQR