Vulnerability Description
SQL injection vulnerability in IXXO Cart Standalone before 3.9.6.1, and the IXXO Cart component for Joomla! 1.0.x, allows remote attackers to execute arbitrary SQL commands via the parent parameter.
CVSS Score
7.5
HIGH
AV:N/AC:L/Au:N/C:P/I:P/A:P
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Php-Shop-System | Ixxo Cart | All versions |
| Joomla | Joomla | 1.0 |
Related Weaknesses (CWE)
References
- http://secunia.com/advisories/36009Vendor Advisory
- http://www.davidsopas.com/2009/07/25/ixxo-cart-standalone-and-joomla-component-s
- http://www.exploit-db.com/exploits/9276
- http://www.securityfocus.com/archive/1/505266/100/0/threaded
- http://www.securityfocus.com/bid/35810ExploitPatch
- http://secunia.com/advisories/36009Vendor Advisory
- http://www.davidsopas.com/2009/07/25/ixxo-cart-standalone-and-joomla-component-s
- http://www.exploit-db.com/exploits/9276
- http://www.securityfocus.com/archive/1/505266/100/0/threaded
- http://www.securityfocus.com/bid/35810ExploitPatch
FAQ
What is CVE-2009-3215?
CVE-2009-3215 is a vulnerability with a CVSS score of 7.5 (HIGH). SQL injection vulnerability in IXXO Cart Standalone before 3.9.6.1, and the IXXO Cart component for Joomla! 1.0.x, allows remote attackers to execute arbitrary SQL commands via the parent parameter.
How severe is CVE-2009-3215?
CVE-2009-3215 has been rated HIGH with a CVSS base score of 7.5/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2009-3215?
Check the references section above for vendor advisories and patch information. Affected products include: Php-Shop-System Ixxo Cart, Joomla Joomla.