CVE-2015-2798

SQL injection vulnerability in Joomla! Component Contact Form Maker 1.0.1 allows remote attackers to execute arbitrary SQL commands via the id parameter.
References
Link Resource
http://www.securityfocus.com/bid/73903 Third Party Advisory VDB Entry
https://www.exploit-db.com/exploits/36561/ Third Party Advisory VDB Entry
Configurations

Configuration 1 (hide)

cpe:2.3:a:web-dorado:contact_form_maker:1.0.1:*:*:*:*:joomla\!:*:*

History

No history.

Information

Published : 2017-07-25 18:29

Updated : 2024-02-04 19:29


NVD link : CVE-2015-2798

Mitre link : CVE-2015-2798

CVE.ORG link : CVE-2015-2798


JSON object : View

Products Affected

web-dorado

  • contact_form_maker
CWE
CWE-89

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')