Lucene search
MitreCVE-2009-4938HistoryJul 22, 2010 - 10:00 a.m.
CVE-2009-4938
2010-07-2210:00:00
CWE-89
mitre
web.nvd.nist.gov
20
sql injection
jvideo! component
remote attack
joomla!
nvd
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
8.6
Confidence
Low
EPSS
0.001
Percentile
30.1%
SQL injection vulnerability in the JVideo! (com_jvideo) component 0.3.11c Beta and 0.3.x for Joomla! allows remote attackers to execute arbitrary SQL commands via the user_id parameter in a user action to index.php.
Affected configurations
Node
joomlajoomla\!
warphdcom_jvideoMatch0.3.6beta
ORwarphdcom_jvideoMatch0.3.8beta
ORwarphdcom_jvideoMatch0.3.9beta
ORwarphdcom_jvideoMatch0.3.10beta
ORwarphdcom_jvideoMatch0.3.11c
| Vendor | Product | Version | CPE |
|---|---|---|---|
| joomla | joomla\! | * | cpe:2.3:a:joomla:joomla\!:*:*:*:*:*:*:*:* |
| warphd | com_jvideo | 0.3.6 | cpe:2.3:a:warphd:com_jvideo:0.3.6:beta:*:*:*:*:*:* |
| warphd | com_jvideo | 0.3.8 | cpe:2.3:a:warphd:com_jvideo:0.3.8:beta:*:*:*:*:*:* |
| warphd | com_jvideo | 0.3.9 | cpe:2.3:a:warphd:com_jvideo:0.3.9:beta:*:*:*:*:*:* |
| warphd | com_jvideo | 0.3.10 | cpe:2.3:a:warphd:com_jvideo:0.3.10:beta:*:*:*:*:*:* |
| warphd | com_jvideo | 0.3.11c | cpe:2.3:a:warphd:com_jvideo:0.3.11c:*:*:*:*:*:*:* |
Related
nessus
nessus
JVideo! Component for Joomla! 'user_id' Parameter SQLi
2009-06-01 00:00:00
prion
prion
Sql injection
2010-07-22 05:40:00
cvelist
cvelist
CVE-2009-4938
2010-07-22 10:00:00
nvd
nvd
CVE-2009-4938
2010-07-22 05:40:07
CVSS2
7.5
Attack Vector
NETWORK
Attack Complexity
LOW
Authentication
NONE
Confidentiality Impact
PARTIAL
Integrity Impact
PARTIAL
Availability Impact
PARTIAL
AV:N/AC:L/Au:N/C:P/I:P/A:P
AI Score
8.6
Confidence
Low
EPSS
0.001
Percentile
30.1%
Related for CVE-2009-4938