CVE-2011-4823 Information

Description

Multiple SQL injection vulnerabilities in Vik Real Estate (com_vikrealestate) component 1.0 for Joomla! allow remote attackers to execute arbitrary SQL commands via the (1) contract parameter in a results action and (2) imm parameter in a show action to index.php.

Reference

http://docs.joomla.org/Vulnerable_Extensions_ListVik_Real_Estate_1.0 http://www.exploit-db.com/exploits/18048