Unrated severityNVD Advisory· Published Feb 4, 2019· Updated Sep 17, 2024
CVE-2016-1000271
CVE-2016-1000271
Description
Joomla extension DT Register version before 3.1.12 (Joomla 3.x) / 2.8.18 (Joomla 2.5) contains an SQL injection in "/index.php?controller=calendar&format=raw&cat[0]=SQLi&task=events". This attack appears to be exploitable if the attacker can reach the web server.
Affected products
2<3.1.12 (Joomla 3.x) / <2.8.18 (Joomla 2.5)+ 1 more
- (no CPE)range: <3.1.12 (Joomla 3.x) / <2.8.18 (Joomla 2.5)
- (no CPE)range: <3.1.12 (Joomla 3.x) / <2.8.18 (Joomla 2.5)
Patches
Vulnerability mechanics
References
1- packetstormsecurity.com/files/140141/Joomla-DT-Register-SQL-Injection.htmlmitrex_refsource_MISC
News mentions
0No linked articles in our index yet.