CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2009-2554

MEDIUM
6.8
CVSS Severity Score
EPSS Score0.0170%
EPSS Percentile33.06th
Published2009年7月20日
Last Modified2026年4月23日

Vulnerability Description

SQL injection vulnerability in the search method in jobline.class.php in Jobline (com_jobline) 1.1.2.2, 1.3.1, and possibly earlier versions, a component for Joomla!, allows remote attackers to execute arbitrary SQL commands via the search parameter in a results action to index.php, which invokes the search method from the searchJobPostings function in jobline.php.

Affected Platforms (CPE)

📦
Olle Johansson

Jobline

= 1.1.2.2
📦
Olle Johansson

Jobline

= 1.3.1

References & Advisories

🔗 http://secunia.com/advisories/35877
🔗 http://www.exploit-db.com/exploits/9187
🔗 http://www.securityfocus.com/bid/35728
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/51811
🔗 http://secunia.com/advisories/35877
🔗 http://www.exploit-db.com/exploits/9187
🔗 http://www.securityfocus.com/bid/35728
🔗 https://exchange.xforce.ibmcloud.com/vulnerabilities/51811

相關漏洞威脅

CVE-2006-701510.0

PHP remote file inclusion vulnerability in admin.jobline.php in Jobline 1.1.1 allows remote attackers to execute arbitrary code vi...

CVE-2009-227110.0

The Huawei D100 has (1) a certain default administrator password for the web interface, and does not force a password change; and ...

CVE-2009-049210.0

Unspecified vulnerability in SimpleIrcBot before 1.0 Stable has unknown impact and attack vectors related to an "auth vulnerabilit...

CVE-2009-427310.0

stap-server in SystemTap before 1.1 allows remote attackers to execute arbitrary commands via shell metacharacters in stap command...