oss-sec mailing list archives
Re: CVE-request 2006: Joomla Web Link Submission title Parameter SQL injection
From: Kurt Seifried <kseifried () redhat com>
Date: Sat, 24 Dec 2011 08:39:35 -0700
On 12/24/2011 08:05 AM, Henri Salo wrote:
It's never to late for a CVE! This issue doesn't appear to be CVE-2006-3481 so I guess it gets a new CVE. Please use CVE-2006-7247 for this issue.Is it possible to get CVE assigned for very old Joomla-issue? http://osvdb.org/show/osvdb/26626 http://secunia.com/advisories/20746/ http://www.exploit-db.com/exploits/1922/ http://www.securityfocus.com/archive/1/437496 I can see from honeypot-logs that they are still using this vulnerability. I did not yet find Joomla-references for this. If this is too old vulnerability for CVE or wrong reason please notify me. - Henri Salo
-- -Kurt Seifried / Red Hat Security Response Team
Current thread:
- CVE-request 2006: Joomla Web Link Submission title Parameter SQL injection Henri Salo (Dec 24)
- Re: CVE-request 2006: Joomla Web Link Submission title Parameter SQL injection Kurt Seifried (Dec 24)