Description
JRequest in Joomla! 1.5 before 1.5.7 does not sanitize variables that were set with JRequest::setVar, which allows remote attackers to conduct "variable injection" attacks and have unspecified other impact.
Remediation
References
Related Vulnerabilities
WordPress Plugin WordPress Ultra Simple Paypal Shopping Cart Cross-Site Request Forgery (4.4)
XWiki Improper Encoding or Escaping of Output Vulnerability (CVE-2022-36100)
MySQL CVE-2015-2617 Vulnerability (CVE-2015-2617)
WordPress Plugin cdnvote 'cdnvote-post.php' Multiple SQL Injection Vulnerabilities (0.4.1)