cbcvebase.
CVE-2010-4838
published 2011-09-14

CVE-2010-4838: SQL injection vulnerability in the JSupport (com_jsupport) component 1.5.6 for Joomla! allows remote authenticated users, with Public Back-end permissions, to…

PriorityP336medium6CVSS 2.0
AVNACMAuSCPIPAP
EXPLOIT
EPSS
0.86%
54.1th percentile
SQL injection vulnerability in the JSupport (com_jsupport) component 1.5.6 for Joomla! allows remote authenticated users, with Public Back-end permissions, to execute arbitrary SQL commands via the alpha parameter in a (1) listTickets or (2) listFaqs action to administrator/index.php.

Affected

1 ranges
VendorProductVersion rangeFixed in
extensiondepotcom_jsupport
CVEs like this are exactly what “Exploited This Week” covers.

Every Monday: what got weaponized or added to CISA KEV in the last seven days — each CVE cross-linked to its PoC, Nuclei template, and detection rule. Free, one email a week, unsubscribe in one click.

CVE-2010-4838 — SQL Injection in COM Jsupport | cvebase