SQL Injection Vulnerability in HM Community Component for Joomla!
CVE-2011-4808

Currently unrated

Key Information:

Vendor: Joomlaextensions
Status: Com Hmcommunity
Vendor: CVE Published:; 14 December 2011

🔔 Create Joomlaextensions Vulnerability Alert

Badges

👾 Exploit Exists

What is CVE-2011-4808?

An SQL injection vulnerability exists in the HM Community (com_hmcommunity) component for Joomla! versions prior to 1.01. This flaw allows remote attackers to execute arbitrary SQL commands through the 'id' parameter in a 'fnd_home' action via the index.php file. Exploiting this vulnerability can lead to unauthorized data manipulation and potential data breaches, highlighting the need for immediate attention from Joomla! users utilizing this component.

References

http://joomlaextensions.co.in/index.php?option=com_jeshop...

x_refsource_MISC

http://secunia.com/advisories/46656

third-party-advisoryx_refsource_SECUNIA

http://www.osvdb.org/76727

vdb-entryx_refsource_OSVDB

Download the Critical Vulnerability Management Cheat Sheet

Timeline

Vulnerability Reserved
Oct 3, 2022
🟡
Public PoC available
Dec 14, 2011
👾
Exploit known to exist
Dec 14, 2011
Vulnerability published
Dec 14, 2011

CVE-2011-4808 Data

JSON