Vulnerability Database

290,301

Total vulnerabilities in the database

CVE-2009-0380

SQL injection vulnerability in the Sigsiu Online Business Index 2 (SOBI2, com_sobi2) RC 2.8.2 component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the bid parameter in a showbiz action to index.php, a different vector than CVE-2008-0607. NOTE: CVE disputes this issue, since neither "showbiz" nor "bid" appears in the source code for SOBI2

  • Published: Feb 2, 2009
  • Updated: Nov 8, 2023
  • CVE: CVE-2009-0380
  • Severity: High
  • Exploit:

CVSS v2:

  • Severity: High
  • Score: 7.5
  • AV:N/AC:L/Au:N/C:P/I:P/A:P

CWEs:

OWASP TOP 10:

Software From Fixed in
sigsiu.net / sobi2 2.8.2-rc 2.8.2-rc.x