CVE-2013-3932

Summary

SQL injection vulnerability in the Jomres (com_jomres) component before 7.3.1 for Joomla! allows remote authenticated users with the "Business Manager" permission to execute arbitrary SQL commands via the id parameter in an editProfile action to administrator/index.php.

Affected Software

VendorProductVersion RangeStatus
JomresJomres component for Joomla!before 7.3.1affected

Weaknesses

  • SQL Injection

ADP Enrichment

CVE Program Container

Additional References

References