Unrated severityNVD Advisory· Published Oct 29, 2015· Updated Jun 17, 2026
CVE-2015-7297
CVE-2015-7297
Description
SQL injection vulnerability in Joomla! 3.2 before 3.4.4 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, a different vulnerability than CVE-2015-7858.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
16cpe:2.3:a:joomla:joomla\!:3.2.0:*:*:*:*:*:*:*+ 15 more
- cpe:2.3:a:joomla:joomla\!:3.2.0:*:*:*:*:*:*:*
- cpe:2.3:a:joomla:joomla\!:3.2.1:*:*:*:*:*:*:*
- cpe:2.3:a:joomla:joomla\!:3.2.2:*:*:*:*:*:*:*
- cpe:2.3:a:joomla:joomla\!:3.2.3:*:*:*:*:*:*:*
- cpe:2.3:a:joomla:joomla\!:3.2.4:*:*:*:*:*:*:*
- cpe:2.3:a:joomla:joomla\!:3.3.0:*:*:*:*:*:*:*
- cpe:2.3:a:joomla:joomla\!:3.3.1:*:*:*:*:*:*:*
- cpe:2.3:a:joomla:joomla\!:3.3.2:*:*:*:*:*:*:*
- cpe:2.3:a:joomla:joomla\!:3.3.3:*:*:*:*:*:*:*
- cpe:2.3:a:joomla:joomla\!:3.3.4:*:*:*:*:*:*:*
- cpe:2.3:a:joomla:joomla\!:3.4.0:*:*:*:*:*:*:*
- cpe:2.3:a:joomla:joomla\!:3.4.1:*:*:*:*:*:*:*
- cpe:2.3:a:joomla:joomla\!:3.4.2:*:*:*:*:*:*:*
- cpe:2.3:a:joomla:joomla\!:3.4.3:*:*:*:*:*:*:*
- cpe:2.3:a:joomla:joomla\!:3.4.4:*:*:*:*:*:*:*
- (no CPE)range: >=3.2 <3.4.4
Patches
Vulnerability mechanics
References
9- www.trustwave.com/Resources/SpiderLabs-Blog/Joomla-SQL-Injection-Vulnerability-Exploit-Results-in-Full-Administrative-Access/nvdExploit
- developer.joomla.org/security-centre/628-20151001-core-sql-injection.htmlnvd
- packetstormsecurity.com/files/134097/Joomla-3.44-SQL-Injection.htmlnvd
- packetstormsecurity.com/files/134494/Joomla-Content-History-SQL-Injection-Remote-Code-Execution.htmlnvd
- www.rapid7.com/db/modules/auxiliary/gather/joomla_contenthistory_sqlinvd
- www.rapid7.com/db/modules/exploit/unix/webapp/joomla_contenthistory_sqli_rcenvd
- www.securityfocus.com/bid/77295nvd
- www.securitytracker.com/id/1033950nvd
- www.exploit-db.com/exploits/38797/nvd
News mentions
0No linked articles in our index yet.