CVE-2009-0377

Description

SQL injection vulnerability in the beamospetition (com_beamospetition) 1.0.12 component for Joomla! allows remote attackers to execute arbitrary SQL commands via the mpid parameter in a sign action to index.php, a different vector than CVE-2008-3132.

Affected products

• Joomla! / com_beamospetition1.0.12 – 1.0.12

References

• MISChttp://www.securityfocus.com/archive/1/500250/100/0/threaded
• EXPLOIThttps://www.exploit-db.com/exploits/7847
• MISChttp://www.securityfocus.com/bid/33391