CVE-2008-2632

Description

SQL injection vulnerability in the acctexp (com_acctexp) component 0.12.x and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the usage parameter in a subscribe action to index.php.

Affected products

• Joomla! / com_acctexp0.12 – 0.12
• Joomla! / Joomla!

References

• EXPLOIThttps://www.exploit-db.com/exploits/5721
• MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/42794