CVE-2007-0373

Name of the Vulnerable Software and Affected Versions: Joomla! version 1.5.0 Beta

Description: The issue allows remote attackers to execute arbitrary SQL commands. This can be achieved via several parameters, including the searchword parameter in certain files, the where parameter in plugins such as content.php or weblinks.php, the text parameter in plugins like contacts.php, categories.php, or sections.php, or the email parameter in database/table/user.php. The check function does not properly handle these parameters.

Recommendations: For Joomla! version 1.5.0 Beta, consider disabling the search functionality and restricting access to the vulnerable plugins until a patch is available. Avoid using the searchword, where, text, and email parameters in the affected files and plugins to minimize the risk of exploitation.