-
Notifications
You must be signed in to change notification settings - Fork 2.7k
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
CVE-2022-23797 - SQL Injection Vulnerability in Joomla! #11183
Comments
/bounty $100 |
💎 $100 bounty • ProjectDiscovery Bounty Available for CVE Template ContributionSteps to Contribute:
Thank you for contributing to projectdiscovery/nuclei-templates and helping us democratize security!
Add a bounty • Share on socials
|
/attempt #11183
|
@mobley-trent: Reminder that in 4 days the bounty will become up for grabs, so please submit a pull request before then 🙏 |
The bounty is up for grabs! Everyone is welcome to |
Is there an existing template for this?
Template requests
Description:
A critical SQL injection vulnerability was discovered in Joomla! versions 3.0.0 through 3.10.6 and 4.0.0 through 4.1.0. The issue stems from inadequate filtering of selected IDs in a request, which could lead to unauthorized database access, data manipulation, or disclosure.
Severity:
Critical (CVSS: 9.8, Vector: [CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:H/A:H])
EPSS:
Details:
References:
Patch URLs:
Weaknesses:
Shodan:
Vulnerable CPE:
OSS:
Anything else?
No response
The text was updated successfully, but these errors were encountered: