Description
SQL injection vulnerability in the getListQuery function in administrator/components/com_contenthistory/models/history.php in Joomla! 3.2 before 3.4.5 allows remote attackers to execute arbitrary SQL commands via the list[select] parameter to index.php.
Remediation
References
Related Vulnerabilities
WordPress Plugin AnyVar Cross-Site Scripting (0.1.1)
MySQL CVE-2018-3074 Vulnerability (CVE-2018-3074)
MySQL CVE-2018-2767 Vulnerability (CVE-2018-2767)
WordPress Plugin Import all XML, CSV & TXT into WordPress Arbitrary File Upload (6.4)
WordPress Plugin Nested Pages Multiple Vulnerabilities (3.1.15)