CVE-2013-7219

Published Jan 21, 2014

Last updated 6 years ago

Overview

Description: SQL injection vulnerability in vote.php in the 2Glux Sexy Polling (com_sexypolling) component before 1.0.9 for Joomla! allows remote attackers to execute arbitrary SQL commands via the answer_id[] parameter.
Source: cve@mitre.org
NVD status: Modified

Risk scores

CVSS 2.0

Type: Primary
Base score: 7.5
Impact score: 6.4
Exploitability score: 10
Vector string: AV:N/AC:L/Au:N/C:P/I:P/A:P

Weaknesses

nvd@nist.gov: CWE-89

Hype score: Not currently trending

Configurations

[
  {
    "nodes": [
      {
        "negate": false,
        "cpeMatch": [
          {
            "criteria": "cpe:2.3:a:2glux:com_sexypolling:*:-:-:*:-:joomla\\!:*:*",
            "vulnerable": true,
            "matchCriteriaId": "33A0572B-DFAB-4F8C-9098-2B346FB2C3A5",
            "versionEndIncluding": "1.0.8"
          },
          {
            "criteria": "cpe:2.3:a:2glux:com_sexypolling:0.9.1:-:-:*:-:joomla\\!:*:*",
            "vulnerable": true,
            "matchCriteriaId": "014F004C-C8C6-40D6-8407-69E56D6EEBA0"
          },
          {
            "criteria": "cpe:2.3:a:2glux:com_sexypolling:0.9.2:-:-:*:-:joomla\\!:*:*",
            "vulnerable": true,
            "matchCriteriaId": "264ACF63-F436-4DF6-BB4C-DB7292DE222C"
          },
          {
            "criteria": "cpe:2.3:a:2glux:com_sexypolling:0.9.4:-:-:*:-:joomla\\!:*:*",
            "vulnerable": true,
            "matchCriteriaId": "8D8DE007-DC08-45E9-8E80-FA1DBD24D2E3"
          },
          {
            "criteria": "cpe:2.3:a:2glux:com_sexypolling:0.9.5:-:-:*:-:joomla\\!:*:*",
            "vulnerable": true,
            "matchCriteriaId": "D8B74019-AE99-46F0-A303-E2085CB5BE6A"
          },
          {
            "criteria": "cpe:2.3:a:2glux:com_sexypolling:0.9.6:-:-:*:-:joomla\\!:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DA3AA0F1-39D1-4309-8E33-A406FFB3D903"
          },
          {
            "criteria": "cpe:2.3:a:2glux:com_sexypolling:0.9.7:-:-:*:-:joomla\\!:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DC7F314F-FC93-41CC-89FD-38AAB82644B7"
          },
          {
            "criteria": "cpe:2.3:a:2glux:com_sexypolling:1.0.1:-:-:*:-:joomla\\!:*:*",
            "vulnerable": true,
            "matchCriteriaId": "CD5CD6E3-237D-421F-ABAE-3E6206A647F0"
          },
          {
            "criteria": "cpe:2.3:a:2glux:com_sexypolling:1.0.2:-:-:*:-:joomla\\!:*:*",
            "vulnerable": true,
            "matchCriteriaId": "6CDC53ED-E3E3-47FE-A566-5C0BD78AB493"
          },
          {
            "criteria": "cpe:2.3:a:2glux:com_sexypolling:1.0.3:-:-:*:-:joomla\\!:*:*",
            "vulnerable": true,
            "matchCriteriaId": "66E2CA46-B613-451E-B988-61F60F44861D"
          },
          {
            "criteria": "cpe:2.3:a:2glux:com_sexypolling:1.0.4:-:-:*:-:joomla\\!:*:*",
            "vulnerable": true,
            "matchCriteriaId": "E9E6B2E6-7977-4846-BA84-6496A5D7112F"
          },
          {
            "criteria": "cpe:2.3:a:2glux:com_sexypolling:1.0.5:-:-:*:-:joomla\\!:*:*",
            "vulnerable": true,
            "matchCriteriaId": "AC3FE41D-ABDC-40FB-BE85-BB9C6258C73E"
          },
          {
            "criteria": "cpe:2.3:a:2glux:com_sexypolling:1.0.6:-:-:*:-:joomla\\!:*:*",
            "vulnerable": true,
            "matchCriteriaId": "76BEEC71-1128-4731-95CC-18BE2176E6F0"
          },
          {
            "criteria": "cpe:2.3:a:2glux:com_sexypolling:1.0.7:-:-:*:-:joomla\\!:*:*",
            "vulnerable": true,
            "matchCriteriaId": "DE5787A4-2A0B-4E97-9140-2FE23B268CFF"
          }
        ],
        "operator": "OR"
      }
    ]
  }
]

Overview

Risk scores

CVSS 2.0

Weaknesses

Social media

Configurations

References