Vulnerability Description
SQL injection vulnerability in the "aWeb Cart Watching System for Virtuemart" extension before 2.6.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via vectors involving categorysearch and smartSearch.
CVSS Score
CRITICAL
Affected Products
| Vendor | Product | Versions |
|---|---|---|
| Awebsupport | Aweb Cart Watching System For Virtuemart | 2.6.0 |
Related Weaknesses (CWE)
References
- http://www.securityfocus.com/bid/95293
- https://github.com/qemm/joomlasqli
- https://vel.joomla.org/resolved/1897-aweb-cart-watching-system-2-6-0Third Party Advisory
- https://www.exploit-db.com/exploits/40973/
- http://www.securityfocus.com/bid/95293
- https://github.com/qemm/joomlasqli
- https://vel.joomla.org/resolved/1897-aweb-cart-watching-system-2-6-0Third Party Advisory
- https://www.exploit-db.com/exploits/40973/
FAQ
What is CVE-2016-10114?
CVE-2016-10114 is a vulnerability with a CVSS score of 9.8 (CRITICAL). SQL injection vulnerability in the "aWeb Cart Watching System for Virtuemart" extension before 2.6.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via vectors involving categor...
How severe is CVE-2016-10114?
CVE-2016-10114 has been rated CRITICAL with a CVSS base score of 9.8/10. This is considered a critical vulnerability requiring immediate attention.
Is there a patch for CVE-2016-10114?
Check the references section above for vendor advisories and patch information. Affected products include: Awebsupport Aweb Cart Watching System For Virtuemart.