SQL injection vulnerability in the JVideo! (com_jvideo) component 0.3.11c Beta and 0.3.x for Joomla! allows remote attackers to execute arbitrary SQL commands via the user_id parameter in a user action to index.php.
CVSS 2.0
Severity: HIGH
Problem Type: CWE-89,
Products Affected
| Vendor | Product | Version |
|---|---|---|
| warphd | com_jvideo | 0.3.11c |
| warphd | com_jvideo | 0.3.6 |
| warphd | com_jvideo | 0.3.8 |
| warphd | com_jvideo | 0.3.9 |
| warphd | com_jvideo | 0.3.10 |