SQL Injection Vulnerabilities in Rapid Recipe Component for Joomla! by Joomla
CVE-2008-0754

Currently unrated

Key Information:

Vendor: Joomla
Status: Com Rapidrecipe
Vendor: CVE Published:; 13 February 2008

Summary

Multiple SQL injection vulnerabilities exist in the index.php file of the Rapid Recipe (com_rapidrecipe) 1.6.5 component for Joomla!. These vulnerabilities allow attackers to execute arbitrary SQL commands through manipulation of the user_id parameter in a showuser action and the category_id parameter in a viewcategorysrecipes action. This can lead to unauthorized access to sensitive information and compromise the integrity of the database.

References

http://secunia.com/advisories/28883

third-party-advisoryx_refsource_SECUNIA

http://www.securityfocus.com/archive/1/487901/100/0/threaded

mailing-listx_refsource_BUGTRAQ

http://securityreason.com/securityalert/3649

third-party-advisoryx_refsource_SREASON

Timeline

Vulnerability published
Feb 13, 2008
Vulnerability Reserved
Feb 13, 2008