SQL injection vulnerability in the Yet another Newsletter Component (aka YaNC or com_yanc) component prior to 1.5 beta 3 for Mambo and Joomla! allows remote malicious users to execute arbitrary SQL commands via the listid parameter to index.php. NOTE: some of these details are obtained from third party information.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
com yanc com yanc 1.4_beta |