Vulnerability Description
SQL injection vulnerability in models/log.php in the Search Log (com_searchlog) component 3.1.0 for Joomla! allows remote authenticated users, with Public Back-end privileges, to execute arbitrary SQL commands via the search parameter in a log action to administrator/index.php. NOTE: some of these details are obtained from third party information.
CVSS Score
MEDIUM
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Kanich | Com Searchlog | 3.1.0 |
| Joomla | Joomla\! | All versions |
Related Weaknesses (CWE)
References
- http://osvdb.org/65185
- http://secunia.com/advisories/40055Vendor Advisory
- http://www.exploit-db.com/exploits/13746/Exploit
- http://www.securityfocus.com/bid/40588Exploit
- http://www.vupen.com/english/advisories/2010/1363Vendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/59152
- http://osvdb.org/65185
- http://secunia.com/advisories/40055Vendor Advisory
- http://www.exploit-db.com/exploits/13746/Exploit
- http://www.securityfocus.com/bid/40588Exploit
- http://www.vupen.com/english/advisories/2010/1363Vendor Advisory
- https://exchange.xforce.ibmcloud.com/vulnerabilities/59152
FAQ
What is CVE-2010-5044?
CVE-2010-5044 is a vulnerability with a CVSS score of 6.0 (MEDIUM). SQL injection vulnerability in models/log.php in the Search Log (com_searchlog) component 3.1.0 for Joomla! allows remote authenticated users, with Public Back-end privileges, to execute arbitrary SQL...
How severe is CVE-2010-5044?
CVE-2010-5044 has been rated MEDIUM with a CVSS base score of 6.0/10. Review the CVSS metrics above for detailed severity breakdown.
Is there a patch for CVE-2010-5044?
Check the references section above for vendor advisories and patch information. Affected products include: Kanich Com Searchlog, Joomla Joomla\!.