CVE-2007-0374
Joomla 1.0.11 and 1.5 Beta - SQL Injection via ID Parameter
Title source: llmDescription
SQL injection vulnerability in (1) Joomla! 1.0.11 and 1.5 Beta, and (2) Mambo 4.6.1, allows remote attackers to execute arbitrary SQL commands via the id parameter when cancelling content editing.
References (5)
Core 5
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://osvdb.org/32520
Exploit, Patch, Vendor Advisory mailing-list
x_refsource_fulldisc
http://archives.neohapsis.com/archives/fulldisclosure/2007-01/0355.html
Exploit, Vendor Advisory vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/19734
Third Party Advisory, VDB Entry mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/459203/100/0/threaded
Vendor Advisory x_refsource_misc
http://www.hackers.ir/advisories/festival.txt
Scores
EPSS
0.0002
EPSS Percentile
4.7%
Details
Status
published
Products (3)
joomla/joomla
1.0.11
joomla/joomla
1.5.0_beta
mambo/mambo
4.6.1
Published
Jan 19, 2007
Tracked Since
Feb 18, 2026