CVE-2007-4778
Joomla! 1.5 Beta1-1.5 RC1 - SQL Injection via Content Component Filter Parameter
Title source: llmDescription
Multiple SQL injection vulnerabilities in the content component (com_content) in Joomla! 1.5 Beta1, Beta2, and RC1 allow remote attackers to execute arbitrary SQL commands via the filter parameter in an archive action to (1) archive.php, (2) category.php, or (3) section.php in models/. NOTE: this may be the same as CVE-2007-4777.
References (7)
Core 7
Core References
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/36423
Patch x_refsource_misc
http://www.joomla.org/content/view/3831/1/
Patch vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/25508
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://osvdb.org/39072
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://osvdb.org/39071
Third Party Advisory, VDB Entry x_refsource_misc
http://downloads.securityfocus.com/vulnerabilities/exploits/25508.php
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://osvdb.org/39070
Scores
EPSS
0.0005
EPSS Percentile
15.7%
Details
CWE
CWE-89
Status
published
Products (3)
joomla/joomla
1.5.0_beta1
joomla/joomla
1.5.0_beta2
joomla/joomla
1.5.0_rc1
Published
Sep 10, 2007
Tracked Since
Feb 18, 2026