CyberSec.Space Logo
返回 CVE 瀏覽器

CVE-2016-10114

CRITICAL
9.8
CVSS Severity Score
EPSS Score0.0370%
EPSS Percentile31.35th
Published2017年1月4日
Last Modified2026年5月6日

Vulnerability Description

SQL injection vulnerability in the "aWeb Cart Watching System for Virtuemart" extension before 2.6.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via vectors involving categorysearch and smartSearch.

Affected Platforms (CPE)

📦
Awebsupport

Aweb Cart Watching System For Virtuemart

= 2.6.0

References & Advisories

🔗 http://www.securityfocus.com/bid/95293
🔗 https://github.com/qemm/joomlasqli
🔗 https://vel.joomla.org/resolved/1897-aweb-cart-watching-system-2-6-0
🔗 https://www.exploit-db.com/exploits/40973/
🔗 http://www.securityfocus.com/bid/95293
🔗 https://github.com/qemm/joomlasqli
🔗 https://vel.joomla.org/resolved/1897-aweb-cart-watching-system-2-6-0
🔗 https://www.exploit-db.com/exploits/40973/

相關漏洞威脅

CVE-2016-478710.0

Pulse Connect Secure (PCS) 8.2 before 8.2r1, 8.1 before 8.1r2, 8.0 before 8.0r10, and 7.4 before 7.4r13.4 allow remote attackers t...

CVE-2016-802710.0

SQL injection vulnerability in core services in Intel Security McAfee ePolicy Orchestrator (ePO) 5.3.2 and earlier and 5.1.3 and e...

CVE-2016-134310.0

The XML parser in Cisco Information Server (CIS) 6.2 allows remote attackers to read arbitrary files or cause a denial of service ...

CVE-2016-1092610.0

The nelio-ab-testing plugin before 4.5.9 for WordPress has SSRF in ajax/iesupport.php.