Description
SQL injection vulnerability in the inertialFATE iF Portfolio Nexus (com_if_nexus) component 1.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in an item action to index.php.
Exploits (1)
exploitdb
WORKING POC
VERIFIED
by 599eme Man · textwebappsphp
https://www.exploit-db.com/exploits/10177
References (5)
Core 5
Core References
Exploit vdb-entry
x_refsource_bid
http://www.securityfocus.com/bid/37050
Vendor Advisory third-party-advisory
x_refsource_secunia
http://secunia.com/advisories/37408
Third Party Advisory, VDB Entry vdb-entry
x_refsource_osvdb
http://osvdb.org/60308
Third Party Advisory, VDB Entry vdb-entry
x_refsource_xf
https://exchange.xforce.ibmcloud.com/vulnerabilities/54325
Exploit x_refsource_misc
http://www.packetstormsecurity.org/0911-exploits/joomlanexus-sql.txt
Scores
EPSS
0.0020
EPSS Percentile
42.1%
Details
CWE
CWE-89
Status
published
Products (1)
inertialfate/com_if_nexus
1.1
Published
Nov 24, 2009
Tracked Since
Feb 18, 2026