Public exploit available
Public proof-of-concept or exploit code exists (ExploitDB / Metasploit / Nuclei).

CVE-2014-7981 โ€” SQL Injection in Joomla !

CWE-89 โ€” SQL Injection4 documents4 sources
Severity
7.5HIGHNVD
EPSS
14.3%
top 5.57%
CISA KEV
Not in KEV
Exploit
PoC available
Public exploit / PoC exists
Affected products
1
Joomla !
Timeline
PublishedOct 8
Latest updateMay 17

Description

SQL injection vulnerability in Joomla! CMS 3.1.x and 3.2.x before 3.2.3 allows remote attackers to execute arbitrary SQL commands via unspecified vectors.

CVSS vector

AV:N/AC:L/C:P/I:P/A:PExploitability: 10.0 | Impact: 6.4

Affected Packages1 packages

โ–ถNVDjoomla/joomla_!10 versions+9

๐Ÿ”ดVulnerability Details

2
GHSA
GHSA-44mc-55q4-jh5m: SQL injection vulnerability in Joomla! CMS 3โ†—2022-05-17
โ–ถ
CVEList
CVE-2014-7981: SQL injection vulnerability in Joomla! CMS 3โ†—2014-10-08
โ–ถ

๐Ÿ’ฅExploits & PoCs

1
Metasploit
Joomla weblinks-categories Unauthenticated SQL Injection Arbitrary File Readโ†—
โ–ถ
CVE-2014-7981 โ€” SQL Injection in Joomla ! | cvebase