Unrated severityNVD Advisory· Published Jun 9, 2010· Updated Jun 16, 2026
CVE-2010-2255
CVE-2010-2255
Description
SQL injection vulnerability in the BF Survey Pro (com_bfsurvey_pro) component before 1.3.1, BF Survey Pro Free (com_bfsurvey_profree) component 1.2.6, and BF Survey Basic component before 1.2 for Joomla! allows remote attackers to execute arbitrary SQL commands via the catid parameter to index.php. NOTE: some of these details are obtained from third party information.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
6- cpe:2.3:a:tamlyncreative:com_bfsurvey_basic:*:*:*:*:*:*:*:*Range: <=1.1
cpe:2.3:a:tamlyncreative:com_bfsurvey_pro:*:*:*:*:*:*:*:*+ 1 more
- cpe:2.3:a:tamlyncreative:com_bfsurvey_pro:*:*:*:*:*:*:*:*range: <=1.3.0
- cpe:2.3:a:tamlyncreative:com_bfsurvey_profree:1.2.6:*:*:*:*:*:*:*
- Range: < 1.3.1
- Range: = 1.2.6
- Range: < 1.2
Patches
Vulnerability mechanics
References
5- packetstormsecurity.org/1001-exploits/joomlabfsurveypro-sql.txtnvdExploit
- www.securityfocus.com/bid/37585nvdExploit
- www.tamlyncreative.com.au/software/forum/index.phpnvdExploit
- secunia.com/advisories/37868nvdVendor Advisory
- osvdb.org/61456nvd
News mentions
0No linked articles in our index yet.