Vendor
high
advisory
Joomla! User Bench Component SQL Injection (CVE-2017-20254)
1 rule 3 TTPsAn unauthenticated attacker can exploit CVE-2017-20254, an SQL injection vulnerability in the Joomla! Component User Bench 1.0, by sending crafted HTTP GET requests to extract sensitive database information including credentials and configuration data.
User Bench 1.0
sqli
joomla
web-vulnerability
cve
1r
3t
high
advisory
CVE-2017-20253: Joomla! Component My Projects 2.0 SQL Injection Vulnerability
2 rules 3 TTPsAn unauthenticated SQL injection vulnerability (CVE-2017-20253) in Joomla! Component My Projects 2.0 allows attackers to execute arbitrary SQL queries via the 'VerAyari' parameter, leading to the extraction of sensitive database information including credentials and system data.
My Projects 2.0
sql-injection
web-application
joomla
cve
2r
3t