CVE-2008-0652
published 2008-02-07CVE-2008-0652: SQL injection vulnerability in index.php in the Downloads (com_downloads) component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL…
PriorityP341high7.5CVSS 2.0
AVNACLAuNCPIPAP
EXPLOIT
EPSS
0.93%
56.1th percentile
SQL injection vulnerability in index.php in the Downloads (com_downloads) component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the filecatid parameter in a selectfolder action.
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
GHSA
GHSA-9vh6-jvf9-f385: SQL injection vulnerability in index
ghsa_unreviewed·2022-05-01·CVSS 7.5
CVE-2008-0849 [HIGH] CWE-89 GHSA-9vh6-jvf9-f385: SQL injection vulnerability in index
SQL injection vulnerability in index.php in the Downloads (com_downloads) component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the cat parameter in a selectcat function, a different vector than CVE-2008-0652.
GHSA
GHSA-5c4f-f362-97p5: SQL injection vulnerability in index
ghsa_unreviewed·2022-05-01
CVE-2008-0652 [HIGH] CWE-89 GHSA-5c4f-f362-97p5: SQL injection vulnerability in index
SQL injection vulnerability in index.php in the Downloads (com_downloads) component for Mambo and Joomla! allows remote attackers to execute arbitrary SQL commands via the filecatid parameter in a selectfolder action.
No detection rules found.
No writeups or analysis indexed.
2008-02-07
Published