CVE-2008-2697

Description

SQL injection vulnerability in the Rapid Recipe (com_rapidrecipe) component 1.6.6 and 1.6.7 for Joomla! allows remote attackers to execute arbitrary SQL commands via the recipe_id parameter in a viewrecipe action to index.php.

Affected products

• Joomla! / com_rapidrecipe1.6.6 – 1.6.6
• Joomla! / com_rapidrecipe1.6.7 – 1.6.7
• rapid-source / rapid_recipe1.6.6 – 1.6.6
• rapid-source / rapid_recipe1.6.7 – 1.6.7

References

• MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/42924
• VENDOR_ADVISORYhttp://secunia.com/advisories/30566
• MISChttp://www.securityfocus.com/bid/29593
• EXPLOIThttps://www.exploit-db.com/exploits/5759