CVE-2008-0773

Description

SQL injection vulnerability in Phil Taylor Comments (com_comments, aka Review Script) 0.5.8.5g and earlier component for Mambo allows remote attackers to execute arbitrary SQL commands via the id parameter.

Affected products

• Joomla! / com_comments0.5.8.5g
• Mambo / com_comments0.5.8.5g
• phil_taylor / comments0.5.8.5g
• phil_taylor / review_script0.5.8.5g

References

• MISChttp://www.securityfocus.com/bid/27731
• EXPLOIThttps://www.exploit-db.com/exploits/5094