CVE-2015-7857

SQL injection vulnerability in the getListQuery function in administrator/components/com_contenthistory/models/history.php in Joomla! 3.2 before 3.4.5 allows remote attackers to execute arbitrary SQL commands via the list[select] parameter to index.php.

Published: Oct 29, 2015
Updated: Apr 13, 2023
CVE: CVE-2015-7857
Severity: High
Exploit:

CVSS v2:

Severity: High
Score: 7.5
AV:N/AC:L/Au:N/C:P/I:P/A:P

CWEs:

CWE-89

OWASP TOP 10:

A1 - Injection

Affected Software
References

Software	From	Fixed in
Joomla / joomla	3.3.3	3.3.3.x
Joomla / joomla	3.2.1	3.2.1.x
Joomla / joomla	3.4.4	3.4.4.x
Joomla / joomla	3.4.2	3.4.2.x
Joomla / joomla	3.3.4	3.3.4.x
Joomla / joomla	3.3.1	3.3.1.x
Joomla / joomla	3.2.2	3.2.2.x
Joomla / joomla	3.4.1	3.4.1.x
Joomla / joomla	3.4.0	3.4.0.x
Joomla / joomla	3.3.0	3.3.0.x
Joomla / joomla	3.2.4	3.2.4.x
Joomla / joomla	3.4.3	3.4.3.x
Joomla / joomla	3.2.3	3.2.3.x
Joomla / joomla	3.2.0	3.2.0.x
Joomla / joomla	3.3.2	3.3.2.x

http://developer.joomla.org/security-centre/628-20151001-core-sql-injection.html
http://packetstormsecurity.com/files/134097/Joomla-3.44-SQL-Injection.html
http://packetstormsecurity.com/files/134494/Joomla-Content-History-SQL-Injection-Remote-Code-Execution.html
http://www.rapid7.com/db/modules/exploit/unix/webapp/joomla_contenthistory_sqli_rce
http://www.securityfocus.com/bid/77295
http://www.securitytracker.com/id/1033950
https://www.exploit-db.com/exploits/38797/
https://www.trustwave.com/Resources/SpiderLabs-Blog/Joomla-SQL-Injection-Vulnerability-Exploit-Results-in-Full-Administrative-Access/

Vulnerability Database

CVE-2015-7857