Published: 28/06/2010 Updated: 29/06/2010

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

VMScore: 760

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

SQL injection vulnerability in the JE Ajax Event Calendar (com_jeajaxeventcalendar) component 1.0.5 for Joomla! allows remote malicious users to execute arbitrary SQL commands via the view parameter to index.php.

Vulnerable Product	Search on Vulmon	Subscribe to Product
harmistechnology com_jeajaxeventcalendar 1.0.5

Exploit Title:Joomla JE Ajax event calendar SQL Vulnerable Version:105 Author: L0rd CrusAd3r aka VSN [crusader_hmg@yahoocom] Published: 2010-06-23 Greetz to:r0073r (inj3ct0rcom), Sid3^effects, MaYur, MA1201, Sonic Bluehat Special Greetz: Topsecurenet, inj3ct0r Team Shoutzz:- To all ICW members ~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~*~*~*~~*~*~*~* ...

# Vendor: joomlaextensionscoin/extensions/components/je-ajax-event-calenderhtml # Download: extensionsjoomlaorg/extensions/calendars-a-events/events/events-calendars/12110 # Author: altbta # Contact: l_9[at]Hotmail[Dot]com # Home: xp10com # Thanks to: rxh xp10com >> v4-teamcom >> p0ccc :)) ========== ...

CWE-89 http://www.securityfocus.com/bid/41058 http://www.exploit-db.com/exploits/13997 http://packetstormsecurity.org/1006-exploits/joomlajeajax-sql.txt https://nvd.nist.gov https://www.exploit-db.com/exploits/13997/

Get Started

Vulmon Search is a vulnerability search engine. It gives comprehensive vulnerability information through a very simple user interface.

Home Recent Vulnerabilities Research Posts Trends Blog About Contact

Vulmon Search Vulmon Research Vulmon Alerts Vulmap

Twitter Reddit Linkedin Facebook

CVE-2010-2513

Vulnerability Summary

Exploits

References

Vulmon Search

About

Products

Connect