B-Hunt3|2

**Name of the Vulnerable Software and Affected Versions** Joomla! component com jeeventcalendar version 1.0 **Description** The issue allows remote attackers to execute arbitrary SQL commands. This is achieved by exploiting the `event id` parameter in an event action to "index.php". **Recommendations** For version 1.0, avoid using the `event id` parameter in the affected API endpoint until the issue is resolved. As a temporary workaround, consider restricting access to the vulnerable component com jeeventcalendar to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Joomla! component com jequizmanagement version 1.b01 **Description** A SQL injection issue allows remote attackers to execute arbitrary SQL commands. This is achieved by exploiting the `eid` parameter in a question action to the "index.php" endpoint. **Recommendations** For version 1.b01, avoid using the `eid` parameter in the question action to the "index.php" endpoint until a fix is available. As a temporary workaround, consider restricting access to the com jequizmanagement component to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** jVideoDirect (com jvideodirect) version 1.1 RC3b for Joomla! **Description** The issue allows remote attackers to execute arbitrary SQL commands. This is achieved by exploiting the `v` parameter in the "index.php" endpoint. **Recommendations** For version 1.1 RC3b, consider restricting access to the "index.php" endpoint until a patch is available. As a temporary workaround, avoid using the `v` parameter in the affected endpoint to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Joomla! component com mochigames version 0.51 **Description** The issue allows remote attackers to execute arbitrary SQL commands. This is achieved by exploiting the `id` parameter in the API endpoint "index.php". **Recommendations** For version 0.51, avoid using the `id` parameter in the affected API endpoint until the issue is resolved. As a temporary workaround, consider restricting access to the "index.php" endpoint to minimize the risk of exploitation.

**Name of the Vulnerable Software and Affected Versions** Joomla! component com casino version 1.0 **Description** The issue allows remote attackers to execute arbitrary SQL commands. This can be achieved via the `id` parameter in either a category or player action to "index.php". **Recommendations** For version 1.0, avoid using the `id` parameter in the affected actions until the issue is resolved. As a temporary workaround, consider restricting access to the com casino component to minimize the risk of exploitation.