SQL injection vulnerability in (1) Joomla! 1.0.11 and 1.5 Beta, and (2) Mambo 4.6.1, allows remote attackers to execute arbitrary SQL commands via the id parameter when cancelling content editing.
| Name | Vendor | Start Version | End Version |
|---|---|---|---|
| Joomla | Joomla | 1.0.11 (including) | 1.0.11 (including) |
| Joomla | Joomla | 1.5.0_beta (including) | 1.5.0_beta (including) |
| Mambo | Mambo | 4.6.1 (including) | 4.6.1 (including) |