SQL Injection Vulnerability in Joomla! Component by JExtensions
CVE-2010-5022

Currently unrated

Key Information:

Vendor: Harmistechnology
Status: Com Jesubmit
Vendor: CVE Published:; 2 November 2011

🔔 Create Harmistechnology Vulnerability Alert

Badges

👾 Exploit Exists🟡 Public PoC

What is CVE-2010-5022?

The JExtensions JE Story Submit component for Joomla! is vulnerable to SQL injection, allowing remote attackers to manipulate database queries through the 'view' parameter in index.php. This flaw can lead to unauthorized access and the execution of arbitrary SQL commands, potentially compromising the integrity of the affected system. Website administrators should ensure this component is updated to mitigate these risks and safeguard their applications.

Exploit Proof of Concept (PoC)

PoC code is written by security researchers to demonstrate the vulnerability can be exploited. PoC code is also a key component for weaponization which could lead to ransomware.

CVE-2010-5022 - Proof of Concept

References

http://www.securityfocus.com/bid/41171

vdb-entryx_refsource_BID

http://www.exploit-db.com/exploits/14054

exploitx_refsource_EXPLOIT-DB

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability Reserved
Oct 3, 2022
🟡
Public PoC available
Nov 2, 2011
👾
Exploit known to exist
Nov 2, 2011
Vulnerability published
Nov 2, 2011

CVE-2010-5022 Data

JSON