ccBoard component for Joomla! index.php SQL injection
| ccboard-index-sql-injection (67850) |  Medium Risk |
Description:
The ccBoard component for Joomla! is vulnerable to SQL injection. A remote attacker could send specially-crafted SQL statements to the index.php script using an unspecified parameter, which could allow the attacker to view, add, modify or delete information in the back-end database.
*CVSS:
| Base Score: | 7.5 |
| Access Vector: | Network |
| Access Complexity: | Low |
| Authentication: | None |
| Confidentiality Impact: | Partial |
| Integrity Impact: | Partial |
| Availability Impact: | Partial |
| Temporal Score: | 7.1 |
| Exploitability: | High |
| Remediation Level: | Unavailable |
| Report Confidence: | Uncorroborated |
Consequences:
Data Manipulation
Remedy:
No remedy available as of June 8, 2011.
References:
- CODECLASSIC Web site: ccBoard component for Joomla!.
- BID-48108: Joomla CCBoard SQL Injection and Arbitrary File Upload Vulnerabilities
Platforms Affected:
- CODECLASSIC ccBoard component for Joomla!
Reported:
Jun 06, 2011
0 Visitor Reactions & Comments:
Post a Comment