Vulnerability Details CVE-2008-0517
SQL injection vulnerability in index.php in the Darko Selesi EstateAgent (com_estateagent) 0.1 component for Mambo 4.5.x and Joomla! allows remote attackers to execute arbitrary SQL commands via the objid parameter in a contact showObject action.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.0
EPSS Ranking 0.8%
CVSS Severity
CVSS v2 Score 7.5
References
- http://www.securityfocus.com/bid/27520
- http://www.vupen.com/english/advisories/2008/0362
- https://exchange.xforce.ibmcloud.com/vulnerabilities/40060
- https://www.exploit-db.com/exploits/5016
- http://www.securityfocus.com/bid/27520
- http://www.vupen.com/english/advisories/2008/0362
- https://exchange.xforce.ibmcloud.com/vulnerabilities/40060
- https://www.exploit-db.com/exploits/5016
Products affected by CVE-2008-0517
-
cpe:2.3:a:darko_selesi:estateagent:0.1
-
cpe:2.3:a:joomla:joomla:*
-
cpe:2.3:a:mambo:mambo:4.5
-
cpe:2.3:a:mambo:mambo:4.5.0.2
-
cpe:2.3:a:mambo:mambo:4.5.1.3
-
cpe:2.3:a:mambo:mambo:4.5.1_1.0.9
-
cpe:2.3:a:mambo:mambo:4.5.1_beta
-
cpe:2.3:a:mambo:mambo:4.5.1_beta2
-
cpe:2.3:a:mambo:mambo:4.5.1a
-
cpe:2.3:a:mambo:mambo:4.5.2
-
cpe:2.3:a:mambo:mambo:4.5.2.1
-
cpe:2.3:a:mambo:mambo:4.5.2.2
-
cpe:2.3:a:mambo:mambo:4.5.2.3
-
cpe:2.3:a:mambo:mambo:4.5.3h
-
cpe:2.3:a:mambo:mambo:4.5.4
-
cpe:2.3:a:mambo:mambo:4.5_1.0.0
-
cpe:2.3:a:mambo:mambo:4.5_1.0.1
-
cpe:2.3:a:mambo:mambo:4.5_1.0.2
-
cpe:2.3:a:mambo:mambo:4.5_1.0.3_beta
-
cpe:2.3:a:mambo:mambo:4.5_1.0.9