CVE-2007-6272

Joomla! 1.5 RC3 - SQL Injection via com_content or com_search Parameters

Title source: llm
STIX 2.1

Exploitation Summary

EIP tracks 2 public exploits for CVE-2007-6272. PoCs published by beenudel1986.

AI-analyzed exploit summary The provided text describes a SQL injection vulnerability in Joomla! 1.5 RC3, where user-supplied input is not properly sanitized before being used in SQL queries. The example URL demonstrates a potential attack vector, but no actual exploit code is present.

Description

Multiple SQL injection vulnerabilities in index.php in Joomla! 1.5 RC3 allow remote attackers to execute arbitrary SQL commands via (1) the view parameter to the com_content component, (2) the task parameter to the com_search component, or (3) the option parameter in a search action to the com_search component.

Exploits (2)

exploitdb WRITEUP VERIFIED
by beenudel1986 · textwebappsphp
https://www.exploit-db.com/exploits/30848

The provided text describes a SQL injection vulnerability in Joomla! 1.5 RC3, where user-supplied input is not properly sanitized before being used in SQL queries. The example URL demonstrates a potential attack vector, but no actual exploit code is present.

Classification
Writeup 80%
Attack Type
Sqli
Complexity
Trivial
Reliability
Theoretical
Target: Joomla! 1.5 RC3
No auth needed
Prerequisites: Access to a vulnerable Joomla! instance
devstral-2 · analyzed Feb 16, 2026 Full analysis →
exploitdb WRITEUP VERIFIED
by beenudel1986 · textwebappsphp
https://www.exploit-db.com/exploits/30849

The provided text describes SQL injection vulnerabilities in Joomla! 1.5 RC3, detailing potential attack vectors via manipulated URL parameters. It includes example URLs demonstrating the injection points but lacks executable exploit code.

Classification
Writeup 90%
Attack Type
Sqli
Complexity
Trivial
Reliability
Theoretical
Target: Joomla! 1.5 RC3
No auth needed
Prerequisites: Access to the target Joomla! instance
devstral-2 · analyzed Feb 16, 2026 Full analysis →

References (4)

Core 4
Core References
Third Party Advisory, VDB Entry mailing-list x_refsource_bugtraq
http://www.securityfocus.com/archive/1/484603/100/0/threaded
Third Party Advisory, VDB Entry vdb-entry x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/38867
Exploit vdb-entry x_refsource_bid
http://www.securityfocus.com/bid/26707
Third Party Advisory third-party-advisory x_refsource_sreason
http://securityreason.com/securityalert/3422

Scores

EPSS 0.0097
EPSS Percentile 57.6%

Details

CWE
CWE-89
Status published
Products (1)
joomla/joomla 1.5rc3
Published Dec 07, 2007
Tracked Since Feb 18, 2026