CVE-2009-0381

Name of the Vulnerable Software and Affected Versions Joomla! BazaarBuilder Ecommerce Shopping Cart (com prod) version 5.0

Description The issue allows remote attackers to execute arbitrary SQL commands via the cid parameter in a "products" action to "index.php". This can lead to unauthorized access and manipulation of database content.

Recommendations For version 5.0, avoid using the cid parameter in the "products" action to "index.php" until a fix is available. As a temporary workaround, consider restricting access to the "index.php" endpoint to minimize the risk of exploitation.