Re: CVE-request 2006: Joomla Web Link Submission title Parameter SQL injection

[Kurt Seifried <kseifried () redhat com>]

On 12/24/2011 08:05 AM, Henri Salo wrote:
> Is it possible to get CVE assigned for very old Joomla-issue?
>
> http://osvdb.org/show/osvdb/26626
> http://secunia.com/advisories/20746/
> http://www.exploit-db.com/exploits/1922/
> http://www.securityfocus.com/archive/1/437496
>
> I can see from honeypot-logs that they are still using this vulnerability. I did not yet find Joomla-references for 
> this. If this is too old vulnerability for CVE or wrong reason please notify me.
>
> - Henri Salo
It's never to late for a CVE! This issue doesn't appear to be 
CVE-2006-3481 so I guess it gets a new CVE. Please use CVE-2006-7247 for 
this issue.

--

-Kurt Seifried / Red Hat Security Response Team