CVE-2010-5044

Name of the Vulnerable Software and Affected Versions Joomla! component com searchlog version 3.1.0

Description The issue allows remote authenticated users with Public Back-end privileges to execute arbitrary SQL commands. This is achieved by exploiting the search parameter in a log action to the "administrator/index.php" endpoint.

Recommendations For version 3.1.0, consider restricting access to the "administrator/index.php" endpoint or limiting the privileges of users with Public Back-end access until a fix is available. As a temporary workaround, avoid using the search parameter in the log action to minimize the risk of exploitation.