Show filters
3 Total Results
Displaying 1-3 of 3
Sort by:
Attacker Value
Unknown

CVE-2024-36572

Disclosure Date: July 30, 2024 (last updated August 09, 2024)
Prototype pollution in allpro form-manager 0.7.4 allows attackers to run arbitrary code and cause other impacts via the functions setDefaults, mergeBranch, and Object.setObjectValue.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2018-6373

Disclosure Date: February 17, 2018 (last updated November 26, 2024)
SQL Injection exists in the Fastball 2.5 component for Joomla! via the season parameter in a view=player action.
Attack Vector: NetworkPrivileges: NoneUser Interaction: None
0
0
Attacker Value
Unknown

CVE-2009-3443

Disclosure Date: September 28, 2009 (last updated October 04, 2023)
SQL injection vulnerability in the Fastball (com_fastball) component 1.1.0 through 1.2 for Joomla! allows remote attackers to execute arbitrary SQL commands via the league parameter to index.php.
0
0