CVE-2008-0517
31.01.2008, 20:00
SQL injection vulnerability in index.php in the Darko Selesi EstateAgent (com_estateagent) 0.1 component for Mambo 4.5.x and Joomla! allows remote attackers to execute arbitrary SQL commands via the objid parameter in a contact showObject action.
Vendor | Product | Version |
---|---|---|
darko_selesi | estateagent | 0.1 |
joomla | joomla | * |
mambo | mambo | 4.5 |
mambo | mambo | 4.5.0.2 |
mambo | mambo | 4.5.1.3 |
mambo | mambo | 4.5.1_1.0.9:_1.0 |
mambo | mambo | 4.5.1_beta:_beta |
mambo | mambo | 4.5.1_beta2:_beta2 |
mambo | mambo | 4.5.1a:a |
mambo | mambo | 4.5.2 |
mambo | mambo | 4.5.2.1 |
mambo | mambo | 4.5.2.2 |
mambo | mambo | 4.5.2.3 |
mambo | mambo | 4.5.3h:h |
mambo | mambo | 4.5.4 |
mambo | mambo | 4.5_1.0.0:_1.0 |
mambo | mambo | 4.5_1.0.1:_1.0 |
mambo | mambo | 4.5_1.0.2:_1.0 |
mambo | mambo | 4.5_1.0.3_beta:_1.0 |
mambo | mambo | 4.5_1.0.9:_1.0 |
𝑥
= Vulnerable software versions
References