SQL Injection Vulnerability in beamospetition Component for Joomla!
CVE-2009-0377

Currently unrated

Key Information:

Vendor: Joomla
Status: Com Beamospetition
Vendor: CVE Published:; 2 February 2009

Summary

The beamospetition component version 1.0.12 for Joomla! contains a SQL injection vulnerability that permits remote attackers to execute arbitrary SQL commands. This exploit targets the 'mpid' parameter during the 'sign' action to index.php, posing significant risks to data integrity and confidentiality. Proper validation and sanitization of inputs are critical to mitigate this vulnerability.

References

http://www.securityfocus.com/archive/1/500250/100/0/threaded

mailing-listx_refsource_BUGTRAQ

https://www.exploit-db.com/exploits/7847

exploitx_refsource_EXPLOIT-DB

http://www.securityfocus.com/bid/33391

vdb-entryx_refsource_BID

Timeline

Vulnerability published
Feb 2, 2009
Vulnerability Reserved
Feb 2, 2009