Sql injection

2010-09-0318:00:00

PRIOn knowledge base

www.prio-n.com

9.2 High

AI Score

Confidence

Low

0.001 Low

EPSS

Percentile

27.8%

JSON

Multiple SQL injection vulnerabilities in the JE FAQ Pro (com_jefaqpro) component 1.5.0 for Joomla! allow remote attackers to execute arbitrary SQL commands via category categorylist operations with (1) the catid parameter or (2) the catid parameter in a lists action.

CPENameOperatorVersion
com_jefaqproeq1.5.0

CPE	Name	Operator	Version
	com_jefaqpro	eq	1.5.0

References

secunia.com/advisories/41078

exchange.xforce.ibmcloud.com/vulnerabilities/61485

www.exploit-db.com/exploits/14846