CVE-2008-0855

Description

SQL injection vulnerability in the Facile Forms (com_facileforms) component for Joomla! and Mambo allows remote attackers to execute arbitrary SQL commands via the catid parameter to index.php.

Affected products

• Joomla! / com_facileforms
• Mambo / com_facileforms

References

• MISChttp://www.securityfocus.com/archive/1/488335/100/0/threaded
• MISChttp://securityreason.com/securityalert/3679
• MISChttp://www.securityfocus.com/bid/27880