Description

JRequest in Joomla! 1.5 before 1.5.7 does not sanitize variables that were set with JRequest::setVar, which allows remote attackers to conduct "variable injection" attacks and have unspecified other impact.

Remediation

References

CVE-2008-4105

Related Vulnerabilities

AngularJS Improper Neutralization of Input During Web Page Generation ('Cross-site Scripting') Vulnerability (CVE-2019-14863)

WordPress Plugin WordPress Ultra Simple Paypal Shopping Cart Cross-Site Request Forgery (4.4)

XWiki Improper Encoding or Escaping of Output Vulnerability (CVE-2022-36100)

MySQL CVE-2015-2617 Vulnerability (CVE-2015-2617)

WordPress Plugin cdnvote 'cdnvote-post.php' Multiple SQL Injection Vulnerabilities (0.4.1)

Severity

High

Classification

CVE-2008-4105 CWE-20

Tags

Missing Update Known Vulnerabilities