SQL Injection Vulnerability in Prince Clan Chess Club for Joomla!
CVE-2009-0379

Currently unrated

Key Information:

Vendor: Joomla
Status: Com Pcchess
Vendor: CVE Published:; 2 February 2009

What is CVE-2009-0379?

The Prince Clan Chess Club component for Joomla! contains an SQL injection vulnerability that allows remote attackers to inject and execute arbitrary SQL commands. This occurs through the 'game_id' parameter in the 'showgame' action of the index.php script. Attackers can exploit this flaw to manipulate the database, potentially leading to unauthorized data access or modification.

References

https://www.exploit-db.com/exploits/7846

exploitx_refsource_EXPLOIT-DB

http://www.securityfocus.com/bid/33394

vdb-entryx_refsource_BID

https://exchange.xforce.ibmcloud.com/vulnerabilities/48144

vdb-entryx_refsource_XF

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability published
Feb 2, 2009
Vulnerability Reserved
Feb 2, 2009

JSON