PT-2018-14006 · Joomla · Collection Factory
Ihsan Sencan
·
Publicado
2018-09-28
·
Atualizado
2018-11-15
·
CVE-2018-17383
CVSS v3.1
9.8
Crítica
| Vetor | AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H |
Name of the Vulnerable Software and Affected Versions
Joomla! Collection Factory version 4.1.9
Description
A SQL Injection issue exists in the Collection Factory component for Joomla!, which can be exploited via the
filter order or filter order Dir parameter.Recommendations
For version 4.1.9, avoid using the
filter order and filter order Dir parameters in the affected component until a fix is available.
At the moment, there is no information about a newer version that contains a fix for this vulnerability.Exploit
SQL injection
Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾
Enumeração de Fraquezas
Identificadores relacionados
Produtos afetados
Collection Factory