CVE-2008-0801 Information

Description

SQL injection vulnerability in index.php in the PAXXGallery (com_paxxgallery) 0.2 component for Mambo and Joomla! allow remote attackers to execute arbitrary SQL commands via (1) the iid parameter in a view action and possibly (2) the userid parameter.

Reference

http://www.securityfocus.com/bid/27811 https://exchange.xforce.ibmcloud.com/vulnerabilities/40497 https://www.exploit-db.com/exploits/5117