CVE-2008-3265

Description

SQL injection vulnerability in the DT Register (com_dtregister) 2.2.3 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the eventId parameter in a pay_options action to index.php.

Affected products

• Joomla! / com_dtregister2.2.3 – 2.2.3

References

• MISChttp://www.securityfocus.com/bid/30256
• MISChttp://osvdb.org/47061
• MISChttps://exchange.xforce.ibmcloud.com/vulnerabilities/43851
• VENDOR_ADVISORYhttp://secunia.com/advisories/31126
• MISChttp://www.dthdevelopment.com/index.php?option=com_fireboard&Itemid=73&func=view&id=1883&catid=4
• EXPLOIThttps://www.exploit-db.com/exploits/6086
• MISChttp://securityreason.com/securityalert/4023