CyberSec.Space Logo
Back to CVE Browser

CVE-2016-10114

CRITICAL
9.8
CVSS Severity Score
EPSS Score0.0370%
EPSS Percentile31.35th
PublishedJan 4, 2017
Last ModifiedMay 6, 2026

Vulnerability Description

SQL injection vulnerability in the "aWeb Cart Watching System for Virtuemart" extension before 2.6.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via vectors involving categorysearch and smartSearch.

Affected Platforms (CPE)

πŸ“¦
Awebsupport

Aweb Cart Watching System For Virtuemart

= 2.6.0

References & Advisories

πŸ”— http://www.securityfocus.com/bid/95293
πŸ”— https://github.com/qemm/joomlasqli
πŸ”— https://vel.joomla.org/resolved/1897-aweb-cart-watching-system-2-6-0
πŸ”— https://www.exploit-db.com/exploits/40973/
πŸ”— http://www.securityfocus.com/bid/95293
πŸ”— https://github.com/qemm/joomlasqli
πŸ”— https://vel.joomla.org/resolved/1897-aweb-cart-watching-system-2-6-0
πŸ”— https://www.exploit-db.com/exploits/40973/

Related Vulnerabilities

CVE-2016-134310.0

The XML parser in Cisco Information Server (CIS) 6.2 allows remote attackers to read arbitrary files or cause a denial of service ...

CVE-2016-835210.0

An issue was discovered in Schneider Electric ConneXium firewalls TCSEFEC23F3F20 all versions, TCSEFEC23F3F21 all versions, TCSEFE...

CVE-2016-150510.0

The filesystem storage backend in Radicale before 1.1 on Windows allows remote attackers to read or write to arbitrary files via a...

CVE-2016-802710.0

SQL injection vulnerability in core services in Intel Security McAfee ePolicy Orchestrator (ePO) 5.3.2 and earlier and 5.1.3 and e...