CVEDB API

Vulnerabilities

By Date
Known Exploited
Advanced Search

Vulnerable Software

Vendors
Products

Vulnerability Details CVE-2016-10379

The VirtueMart com_virtuemart component 3.0.14 for Joomla! allows SQL injection by remote authenticated administrators via the virtuemart_paymentmethod_id or virtuemart_shipmentmethod_id parameter to administrator/index.php.

Exploit prediction scoring system (EPSS) score

EPSS Score 0.006

EPSS Ranking 69.6%

CVSS Severity

CVSS v3 Score 7.2

CVSS v2 Score 6.5

References

http://code610.blogspot.com/2016/08/testing-sql-injections-in-comvirtuemart.html
http://www.securityfocus.com/bid/98753
http://code610.blogspot.com/2016/08/testing-sql-injections-in-comvirtuemart.html
http://www.securityfocus.com/bid/98753

Products affected by CVE-2016-10379

Virtuemart » Virtuemart » Version: 3.0.14

cpe:2.3:a:virtuemart:virtuemart:3.0.14

Vulnerabilities

Vulnerable Software

Vulnerability Details CVE-2016-10379

Products

Pricing

Contact Us