CVE-2005-3772 | Vulnerability Database | Aqua Security

Multiple SQL injection vulnerabilities in Joomla! before 1.0.4 allow remote attackers to execute arbitrary SQL commands via the (1) Itemid variable in the Polls modules and (2) multiple unspecified methods in the mosDBTable class.

Affected Software

Name	Vendor	Start Version	End Version
Joomla	Joomla	1.0 (including)	1.0 (including)
Joomla	Joomla	1.0.1 (including)	1.0.1 (including)
Joomla	Joomla	1.0.2 (including)	1.0.2 (including)
Joomla	Joomla	1.0.3 (including)	1.0.3 (including)

References

http://secunia.com/advisories/17675
http://www.joomla.org/content/view/499/66/
http://www.osvdb.org/21042
http://www.osvdb.org/21043
http://www.securityfocus.com/bid/15526
http://www.vupen.com/english/advisories/2005/2526
https://exchange.xforce.ibmcloud.com/vulnerabilities/23177
https://exchange.xforce.ibmcloud.com/vulnerabilities/23178
http://secunia.com/advisories/17675
http://www.joomla.org/content/view/499/66/
http://www.osvdb.org/21042
http://www.osvdb.org/21043
http://www.securityfocus.com/bid/15526
http://www.vupen.com/english/advisories/2005/2526
https://exchange.xforce.ibmcloud.com/vulnerabilities/23177
https://exchange.xforce.ibmcloud.com/vulnerabilities/23178

NVD	https://nvd.nist.gov/vuln/detail/CVE-2005-3772
CWE	https://cwe.mitre.org/data/definitions/NVD-Other.html