Published: 17/02/2018 Updated: 05/03/2018

CVSS v2 Base Score: 7.5 | Impact Score: 6.4 | Exploitability Score: 10

CVSS v3 Base Score: 9.8 | Impact Score: 5.9 | Exploitability Score: 3.9

VMScore: 755

Vector: AV:N/AC:L/Au:N/C:P/I:P/A:P

Subscribe to Google Map Landkarten Project

SQL Injection exists in the Google Map Landkarten up to and including 4.2.3 component for Joomla! via the cid or id parameter in a layout=form_markers action, or the map parameter in a layout=default action.

Vulnerable Product	Search on Vulmon	Subscribe to Product
google map landkarten project google map landkarten

# # # # # Exploit Title: Joomla! Component Google Map Landkarten <= 423 - SQL Injection # Dork: N/A # Date: 16022018 # Vendor Homepage: wwwjoomla-24de/ # Software Link: extensionsjoomlaorg/extensions/extension/maps-a-weather/maps-a-locations/google-map-landkarten/ # Software Download: wwwjoomla-24de/download/send/ ...

Joomla! Google Map Landkarten component versions 423 and below suffer from a remote SQL injection vulnerability ...

Joomla - Component Google Map Landkarten <= 4.2.3 - SQL Injection

Joomla-CVE-2018-6396 Joomla! Component Google Map Landkarten <= 423 - SQL Injection Date: 03/03/2018 Vendor Homepage: wwwjoomla-24de/ Software Link: extensionsjoomlaorg/extensions/extension/maps-a-weather/maps-a-locations/google-map-landkarten/ Version: <= 423 Tested on: KaLi Linux 20181 CVE: CVE-2018-6396 Discovered by: Ihsan Sencan Exploi

CWE-89 https://exploit-db.com/exploits/44113 http://www.securityfocus.com/bid/103094 https://nvd.nist.gov https://github.com/JavierOlmedo/joomla-cve-2018-6396 https://www.exploit-db.com/exploits/44113/

CVE-2018-6396

Vulnerability Summary

Vulnerability Trend

Exploits

Github Repositories

References

Vulmon Search

About

Products

Connect