Description
SQL injection vulnerability in Joomla! 1.5 before RC2 (aka Endeleo) allows remote attackers to execute arbitrary SQL commands via unspecified vectors, probably related to the archive section. NOTE: this may be the same as CVE-2007-4778.
References (8)
Core 8
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/36423
Patch x_refsource_confirm
http://www.joomla.org/content/view/3831/1/
Exploit, Patch vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/25508
Third Party Advisory third-party-advisory
x_refsource_sreason
http://securityreason.com/securityalert/3108
Third Party Advisory, VDB Entry mailing-list
x_refsource_bugtraq
http://www.securityfocus.com/archive/1/478451/100/0/threaded
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://osvdb.org/39072
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://osvdb.org/39071
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://osvdb.org/39070
Scores
EPSS
0.0005
EPSS Percentile
15.7%
Details
CWE
CWE-89
Status
published
Products (3)
joomla/joomla
1.5.0_beta
joomla/joomla
1.5.0_beta2
joomla/joomla
1.5.0_rc1
Published
Sep 10, 2007
Tracked Since
Feb 18, 2026