| Vulnerability Name: | CVE-2006-3481 (CCN-27520) | ||||||||
| Assigned: | 2006-06-26 | ||||||||
| Published: | 2006-06-26 | ||||||||
| Updated: | 2017-07-20 | ||||||||
| Summary: | Multiple SQL injection vulnerabilities in Joomla! before 1.0.10 allow remote attackers to execute arbitrary SQL commands via unspecified parameters involving the (1) "Remember Me" function, (2) "Related Items" module, and the (3) "Weblinks submission". | ||||||||
| CVSS v3 Severity: | 7.3 High (CCN CVSS v3.1 Vector: CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:L/I:L/A:L)
| ||||||||
| CVSS v2 Severity: | 7.5 High (CVSS v2 Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P)
| ||||||||
| Vulnerability Type: | CWE-Other | ||||||||
| Vulnerability Consequences: | Data Manipulation | ||||||||
| References: | Source: MITRE Type: CNA CVE-2006-3481 Source: CCN Type: SA20874 Joomla! Cross-Site Scripting and SQL Injection Vulnerabilities Source: SECUNIA Type: Patch, Vendor Advisory 20874 Source: CCN Type: Joomla! Web site Joomla! - Main Source: CONFIRM Type: UNKNOWN http://www.joomla.org/content/view/1510/74/ Source: CONFIRM Type: UNKNOWN http://www.joomla.org/content/view/1511/78/ Source: OSVDB Type: UNKNOWN 26910 Source: OSVDB Type: UNKNOWN 26911 Source: OSVDB Type: UNKNOWN 26912 Source: CCN Type: OSVDB ID: 26910 Joomla! Remember Me Function SQL Injection Source: CCN Type: OSVDB ID: 26911 Joomla! Related Items Module SQL Injection Source: CCN Type: OSVDB ID: 26912 Joomla! Weblinks Feature SQL Injection Source: BID Type: Patch 18742 Source: CCN Type: BID-18742 Joomla! Multiple Input Validation Vulnerabilities Source: VUPEN Type: UNKNOWN ADV-2006-2608 Source: XF Type: UNKNOWN joomla-rememberme-relateditems-sql-injection(27520) Source: XF Type: UNKNOWN joomla-rememberme-relateditems-sql-injection(27520) | ||||||||
| Vulnerable Configuration: | Configuration 1: Denotes that component is vulnerable | ||||||||
| BACK | |||||||||