Vulnerability Details CVE-2013-7219
SQL injection vulnerability in vote.php in the 2Glux Sexy Polling (com_sexypolling) component before 1.0.9 for Joomla! allows remote attackers to execute arbitrary SQL commands via the answer_id[] parameter.
Exploit prediction scoring system (EPSS) score
EPSS Score 0.003
EPSS Ranking 49.6%
CVSS Severity
CVSS v2 Score 7.5
References
- http://2glux.com/forum/sexypolling/sexy-polling-security-vulnerability-notification-t2026.html
- http://www.securityfocus.com/archive/1/530789/100/0/threaded
- https://exchange.xforce.ibmcloud.com/vulnerabilities/90519
- https://www.htbridge.com/advisory/HTB23193
- http://2glux.com/forum/sexypolling/sexy-polling-security-vulnerability-notification-t2026.html
- http://www.securityfocus.com/archive/1/530789/100/0/threaded
- https://exchange.xforce.ibmcloud.com/vulnerabilities/90519
- https://www.htbridge.com/advisory/HTB23193
Products affected by CVE-2013-7219
-
cpe:2.3:a:2glux:com_sexypolling:0.9.1
-
cpe:2.3:a:2glux:com_sexypolling:0.9.2
-
cpe:2.3:a:2glux:com_sexypolling:0.9.4
-
cpe:2.3:a:2glux:com_sexypolling:0.9.5
-
cpe:2.3:a:2glux:com_sexypolling:0.9.6
-
cpe:2.3:a:2glux:com_sexypolling:0.9.7
-
cpe:2.3:a:2glux:com_sexypolling:1.0.1
-
cpe:2.3:a:2glux:com_sexypolling:1.0.2
-
cpe:2.3:a:2glux:com_sexypolling:1.0.3
-
cpe:2.3:a:2glux:com_sexypolling:1.0.4
-
cpe:2.3:a:2glux:com_sexypolling:1.0.5
-
cpe:2.3:a:2glux:com_sexypolling:1.0.6
-
cpe:2.3:a:2glux:com_sexypolling:1.0.7
-
cpe:2.3:a:2glux:com_sexypolling:1.0.8