MidnightBSD

Advisories for warphd

CVE-2009-4938 HIGH

SQL injection vulnerability in the JVideo! (com_jvideo) component 0.3.11c Beta and 0.3.x for Joomla! allows remote attackers to execute arbitrary SQL commands via the user_id parameter in a user action to index.php.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-89,

Products Affected

Vendor Product Version
warphd com_jvideo 0.3.11c
warphd com_jvideo 0.3.6
warphd com_jvideo 0.3.8
warphd com_jvideo 0.3.9
warphd com_jvideo 0.3.10