Vulnerability Description
SQL injection vulnerability in netinvoice.php in the nBill (com_netinvoice) component 1.2.0 SP1 for Joomla! allows remote attackers to execute arbitrary SQL commands via unspecified vectors involving "knowledge of ... the contents of an encrypted file."
CVSS Score
HIGH
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Netshinesoftware | Com Netinvoice | 1.2.0 |
| Joomla | Joomla\! | All versions |
Related Weaknesses (CWE)
References
- http://www.nbill.co.uk/forum-smf/index.php/topic%2C716.0.html
- http://www.nbill.co.uk/newsflash/important-security-announcement.htmlPatch
- http://www.nbill.co.uk/forum-smf/index.php/topic%2C716.0.html
- http://www.nbill.co.uk/newsflash/important-security-announcement.htmlPatch
FAQ
What is CVE-2008-7302?
CVE-2008-7302 is a vulnerability with a CVSS score of 7.5 (HIGH). SQL injection vulnerability in netinvoice.php in the nBill (com_netinvoice) component 1.2.0 SP1 for Joomla! allows remote attackers to execute arbitrary SQL commands via unspecified vectors involving ...
How severe is CVE-2008-7302?
CVE-2008-7302 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2008-7302?
Check the references section above for vendor advisories and patch information. Affected products include: Netshinesoftware Com Netinvoice, Joomla Joomla\!.