Description

JRequest in Joomla! 1.5 before 1.5.7 does not sanitize variables that were set with JRequest::setVar, which allows remote attackers to conduct "variable injection" attacks and have unspecified other impact.

Remediation

References

CVE-2008-4105

Related Vulnerabilities

Microsoft SQL Server CVE-2023-21713 Vulnerability (CVE-2023-21713)

WordPress 6.0.x Multiple Vulnerabilities (6.0 - 6.0.2)

WordPress Plugin YouTube Gallery-Best YouTube Video Gallery Cross-Site Scripting (3.2.1)

phpBB Improper Control of Generation of Code ('Code Injection') Vulnerability (CVE-2007-5173)

WordPress Plugin OpenStreetMap for Gutenberg and WPBakery Page Builder (formerly Visual Composer) Cross-Site Scripting (1.1.1)

Severity

High

Classification

CVE-2008-4105 CWE-20

Tags

Missing Update Known Vulnerabilities