CVE-2009-3645

2009-10-0914:18:00

mitre

www.cve.org

sql injection

joomla

cb resume builder

remote attackers

arbitrary sql commands

AI Score

8.3

Confidence

Low

EPSS

0.001

Percentile

28.6%

JSON

SQL injection vulnerability in the JoomlaCache CB Resume Builder (com_cbresumebuilder) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the group_id parameter in a group_members action to index.php.

References

packetstormsecurity.org/0910-exploits/joomlacbrb-sql.txt

secunia.com/advisories/36954

www.securityfocus.com/bid/36598