NVD

Id
15451  
Name
CVE-2010-4166  
Description
Multiple SQL injection vulnerabilities in Joomla! 1.5.x before 1.5.22 allow remote attackers to execute arbitrary SQL commands via (1) the filter_order parameter in a com_weblinks category action to index.php, (2) the filter_order_Dir parameter in a com_weblinks category action to index.php, or (3) the filter_order_Dir parameter in a com_messages action to administrator/index.php.  
Reject
 
CVSS Version
2  
CVSS Score
7.5  
Severity
High  
CVSS Base Score
7.5  
CVSS Impact Subscore
6.4  
CVSS Exploit Subscore
10  
CVSS Vector
(AV:N/AC:L/Au:N/C:P/I:P/A:P)  
Pub Date
2017-01-18  
Published
2011-01-18  
Modified Date
2011-07-19  
Seq
2010-4166  

Actions

Related NVD References

Id NVD Id NVD No. Reference Actions
87244 15451 CVE-2010-4166 20101031 Joomla 1.5.21 | Potential SQL Injection Flaws  View
87245 15451 CVE-2010-4166 http://developer.joomla.org/security/news/9-security/10-core-security/323-20101101-core-sqli-info-disclosurevulnerabilities.html  View
87246 15451 CVE-2010-4166 [oss-security] 20101112 CVE request: Joomla 1.5.21 SQL Injection and Information Disclosure  View
87247 15451 CVE-2010-4166 [oss-security] 20101112 Re: CVE request: Joomla 1.5.21 SQL Injection and Information Disclosure  View
87248 15451 CVE-2010-4166 http://yehg.net/lab/pr0js/advisories/joomla/core/1.5.21/sql_injection/sqli_(filter_order)_front.jpg  View
87249 15451 CVE-2010-4166 http://yehg.net/lab/pr0js/advisories/joomla/core/1.5.21/sql_injection/sqli_%28filter_order_Dir%29_back.jpg  View
87250 15451 CVE-2010-4166 http://yehg.net/lab/pr0js/advisories/joomla/core/1.5.21/sql_injection/sqli_%28filter_order_Dir%29_front.jpg  View

Related JVN

Id Name Title Summary Cveinfo Name Cveinfo Id Nvdinfo Name Nvdinfo Id Cvssv2 Cvssv3 Jvnurl Published Date Last Updated Date Actions
37581 JVNDB-2010-003366 Joomla! における SQL インジェクションの脆弱性 Joomla! には、SQL インジェクションの脆弱性が存在します。 CVE-2010-4166 46746 CVE-2010-4166 15451 7.5 http://jvndb.jvn.jp/ja/contents/2010/JVNDB-2010-003366.html 2010-11-04 2012-03-27 View