CVE-2010-1073
published 2010-03-23CVE-2010-1073: SQL injection vulnerability in the jEmbed-Embed Anything (com_jembed) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the…
PriorityP344high7.5CVSS 2.0
AVNACLAuNCPIPAP
EXPLOIT
EPSS
1.00%
58.5th percentile
SQL injection vulnerability in the jEmbed-Embed Anything (com_jembed) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in a summary action to index.php.
CVEs like this are exactly what “Exploited This Week” covers.
Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.
VulDB
Joshprakash Com Jembed index.php catid sql injection (EDB-11026 / XFDB-55443)
vuldb·2026-05-03·CVSS 7.5
CVE-2010-1073 [HIGH] Joshprakash Com Jembed index.php catid sql injection (EDB-11026 / XFDB-55443)
A vulnerability marked as critical has been reported in Joshprakash Com Jembed. Affected is an unknown function of the file index.php. This manipulation of the argument catid causes sql injection.
This vulnerability is registered as CVE-2010-1073. Remote exploitation of the attack is possible. Furthermore, an exploit is available.
GHSA
GHSA-4xm2-26x9-9p7x: SQL injection vulnerability in the jEmbed-Embed Anything (com_jembed) component for Joomla! allows remote attackers to execute arbitrary SQL commands
ghsa_unreviewed·2022-05-02
CVE-2010-1073 [HIGH] CWE-89 GHSA-4xm2-26x9-9p7x: SQL injection vulnerability in the jEmbed-Embed Anything (com_jembed) component for Joomla! allows remote attackers to execute arbitrary SQL commands
SQL injection vulnerability in the jEmbed-Embed Anything (com_jembed) component for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter in a summary action to index.php.
Suricata
ET WEB_SPECIFIC_APPS mcRefer SQL Injection Attempt -- install.php bgcolor ASCII
suricata·2010-07-30·CVSS 10.0
CVE-2007-1073 [CRITICAL] ET WEB_SPECIFIC_APPS mcRefer SQL Injection Attempt -- install.php bgcolor ASCII
ET WEB_SPECIFIC_APPS mcRefer SQL Injection Attempt -- install.php bgcolor ASCII
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS mcRefer SQL Injection Attempt -- install.php bgcolor ASCII"; flow:established,to_server; http.uri; content:"/install.php?"; nocase; content:"bgcolor="; nocase; content:"ASCII("; nocase; content:"SELECT"; nocase; distance:0; reference:cve,CVE-2007-1073; reference:url,www.securityfocus.com/archive/1/archive/1/459796/100/200/threaded; classtype:web-application-attack; sid:2004844; rev:8; metadata:affected_product Web_Server_Applications, attack_target Web_Server, created_at 2010_07_30, deployment Datacenter, confidence Medium, signature_severity Major, tag SQL_Injection, updated_at 2020_09_10, mitre_tactic_id TA0001, mitre_tactic_n
Suricata
ET WEB_SPECIFIC_APPS mcRefer SQL Injection Attempt -- install.php bgcolor SELECT
suricata·2010-07-30·CVSS 10.0
CVE-2007-1073 [CRITICAL] ET WEB_SPECIFIC_APPS mcRefer SQL Injection Attempt -- install.php bgcolor SELECT
ET WEB_SPECIFIC_APPS mcRefer SQL Injection Attempt -- install.php bgcolor SELECT
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS mcRefer SQL Injection Attempt -- install.php bgcolor SELECT"; flow:established,to_server; http.uri; content:"/install.php?"; nocase; content:"bgcolor="; nocase; content:"SELECT"; nocase; content:"FROM"; nocase; distance:0; reference:cve,CVE-2007-1073; reference:url,www.securityfocus.com/archive/1/archive/1/459796/100/200/threaded; classtype:web-application-attack; sid:2004840; rev:8; metadata:affected_product Web_Server_Applications, attack_target Web_Server, created_at 2010_07_30, deployment Datacenter, confidence Medium, signature_severity Major, tag SQL_Injection, updated_at 2020_09_10, mitre_tactic_id TA0001, mitre_tactic_n
Suricata
ET WEB_SPECIFIC_APPS mcRefer SQL Injection Attempt -- install.php bgcolor UNION SELECT
suricata·2010-07-30·CVSS 10.0
CVE-2007-1073 [CRITICAL] ET WEB_SPECIFIC_APPS mcRefer SQL Injection Attempt -- install.php bgcolor UNION SELECT
ET WEB_SPECIFIC_APPS mcRefer SQL Injection Attempt -- install.php bgcolor UNION SELECT
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS mcRefer SQL Injection Attempt -- install.php bgcolor UNION SELECT"; flow:established,to_server; http.uri; content:"/install.php?"; nocase; content:"bgcolor="; nocase; content:"UNION"; nocase; content:"SELECT"; nocase; distance:0; reference:cve,CVE-2007-1073; reference:url,www.securityfocus.com/archive/1/archive/1/459796/100/200/threaded; classtype:web-application-attack; sid:2004841; rev:8; metadata:affected_product Web_Server_Applications, attack_target Web_Server, created_at 2010_07_30, deployment Datacenter, confidence Medium, signature_severity Major, tag SQL_Injection, updated_at 2020_09_10, mitre_tactic_id TA0001, m
Suricata
ET WEB_SPECIFIC_APPS mcRefer SQL Injection Attempt -- install.php bgcolor INSERT
suricata·2010-07-30·CVSS 10.0
CVE-2007-1073 [CRITICAL] ET WEB_SPECIFIC_APPS mcRefer SQL Injection Attempt -- install.php bgcolor INSERT
ET WEB_SPECIFIC_APPS mcRefer SQL Injection Attempt -- install.php bgcolor INSERT
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS mcRefer SQL Injection Attempt -- install.php bgcolor INSERT"; flow:established,to_server; http.uri; content:"/install.php?"; nocase; content:"bgcolor="; nocase; content:"INSERT"; nocase; content:"INTO"; nocase; distance:0; reference:cve,CVE-2007-1073; reference:url,www.securityfocus.com/archive/1/archive/1/459796/100/200/threaded; classtype:web-application-attack; sid:2004842; rev:8; metadata:affected_product Web_Server_Applications, attack_target Web_Server, created_at 2010_07_30, deployment Datacenter, confidence Medium, signature_severity Major, tag SQL_Injection, updated_at 2020_09_10, mitre_tactic_id TA0001, mitre_tactic_n
Suricata
ET WEB_SPECIFIC_APPS mcRefer SQL Injection Attempt -- install.php bgcolor DELETE
suricata·2010-07-30·CVSS 10.0
CVE-2007-1073 [CRITICAL] ET WEB_SPECIFIC_APPS mcRefer SQL Injection Attempt -- install.php bgcolor DELETE
ET WEB_SPECIFIC_APPS mcRefer SQL Injection Attempt -- install.php bgcolor DELETE
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS mcRefer SQL Injection Attempt -- install.php bgcolor DELETE"; flow:established,to_server; http.uri; content:"/install.php?"; nocase; content:"bgcolor="; nocase; content:"DELETE"; nocase; content:"FROM"; nocase; distance:0; reference:cve,CVE-2007-1073; reference:url,www.securityfocus.com/archive/1/archive/1/459796/100/200/threaded; classtype:web-application-attack; sid:2004843; rev:8; metadata:affected_product Web_Server_Applications, attack_target Web_Server, created_at 2010_07_30, deployment Datacenter, confidence Medium, signature_severity Major, tag SQL_Injection, updated_at 2020_09_10, mitre_tactic_id TA0001, mitre_tactic_n
Suricata
ET WEB_SPECIFIC_APPS mcRefer SQL Injection Attempt -- install.php bgcolor UPDATE
suricata·2010-07-30·CVSS 10.0
CVE-2007-1073 [CRITICAL] ET WEB_SPECIFIC_APPS mcRefer SQL Injection Attempt -- install.php bgcolor UPDATE
ET WEB_SPECIFIC_APPS mcRefer SQL Injection Attempt -- install.php bgcolor UPDATE
Rule: alert http $EXTERNAL_NET any -> $HTTP_SERVERS any (msg:"ET WEB_SPECIFIC_APPS mcRefer SQL Injection Attempt -- install.php bgcolor UPDATE"; flow:established,to_server; http.uri; content:"/install.php?"; nocase; content:"bgcolor="; nocase; content:"UPDATE"; nocase; content:"SET"; nocase; distance:0; reference:cve,CVE-2007-1073; reference:url,www.securityfocus.com/archive/1/archive/1/459796/100/200/threaded; classtype:web-application-attack; sid:2004845; rev:8; metadata:affected_product Web_Server_Applications, attack_target Web_Server, created_at 2010_07_30, deployment Datacenter, confidence Medium, signature_severity Major, tag SQL_Injection, updated_at 2020_09_10, mitre_tactic_id TA0001, mitre_tactic_na
No writeups or analysis indexed.
http://osvdb.org/61510http://secunia.com/advisories/38112http://www.exploit-db.com/exploits/11026http://www.vupen.com/english/advisories/2010/0047https://exchange.xforce.ibmcloud.com/vulnerabilities/55443http://osvdb.org/61510http://secunia.com/advisories/38112http://www.exploit-db.com/exploits/11026http://www.vupen.com/english/advisories/2010/0047https://exchange.xforce.ibmcloud.com/vulnerabilities/55443
2010-03-23
Published