{"containers":{"cna":{"affected":[{"product":"Jomres component for Joomla!","vendor":"Jomres","versions":[{"status":"affected","version":"before 7.3.1"}]}],"datePublic":"2013-08-06T00:00:00.000Z","descriptions":[{"lang":"en","value":"SQL injection vulnerability in the Jomres (com_jomres) component before 7.3.1 for Joomla! allows remote authenticated users with the \"Business Manager\" permission to execute arbitrary SQL commands via the id parameter in an editProfile action to administrator/index.php."}],"problemTypes":[{"descriptions":[{"description":"SQL Injection","lang":"en","type":"text"}]}],"providerMetadata":{"dateUpdated":"2020-01-02T19:26:30.000Z","orgId":"44d08088-2bea-4760-83a6-1e9be26b15ab","shortName":"flexera"},"references":[{"tags":["x_refsource_MISC"],"url":"http://www.securityfocus.com/bid/61635"},{"tags":["x_refsource_MISC"],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/86252"},{"tags":["x_refsource_MISC"],"url":"https://www.joomlacorner.com/joomla-news/joomla-vulnerability-news/834-joomla-jomres-component-script-insertion-and-sql-injection-vulnerabilities.html"}],"x_legacyV4Record":{"CVE_data_meta":{"ASSIGNER":"PSIRT-CNA@flexerasoftware.com","ID":"CVE-2013-3932","STATE":"PUBLIC"},"affects":{"vendor":{"vendor_data":[{"product":{"product_data":[{"product_name":"Jomres component for Joomla!","version":{"version_data":[{"version_value":"before 7.3.1"}]}}]},"vendor_name":"Jomres"}]}},"data_format":"MITRE","data_type":"CVE","data_version":"4.0","description":{"description_data":[{"lang":"eng","value":"SQL injection vulnerability in the Jomres (com_jomres) component before 7.3.1 for Joomla! allows remote authenticated users with the \"Business Manager\" permission to execute arbitrary SQL commands via the id parameter in an editProfile action to administrator/index.php."}]},"problemtype":{"problemtype_data":[{"description":[{"lang":"eng","value":"SQL Injection"}]}]},"references":{"reference_data":[{"name":"http://www.securityfocus.com/bid/61635","refsource":"MISC","url":"http://www.securityfocus.com/bid/61635"},{"name":"https://exchange.xforce.ibmcloud.com/vulnerabilities/86252","refsource":"MISC","url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/86252"},{"name":"https://www.joomlacorner.com/joomla-news/joomla-vulnerability-news/834-joomla-jomres-component-script-insertion-and-sql-injection-vulnerabilities.html","refsource":"MISC","url":"https://www.joomlacorner.com/joomla-news/joomla-vulnerability-news/834-joomla-jomres-component-script-insertion-and-sql-injection-vulnerabilities.html"}]}}},"adp":[{"providerMetadata":{"orgId":"af854a3a-2127-422b-91ae-364da2661108","shortName":"CVE","dateUpdated":"2024-08-06T16:22:01.474Z"},"title":"CVE Program Container","references":[{"tags":["x_refsource_MISC","x_transferred"],"url":"http://www.securityfocus.com/bid/61635"},{"tags":["x_refsource_MISC","x_transferred"],"url":"https://exchange.xforce.ibmcloud.com/vulnerabilities/86252"},{"tags":["x_refsource_MISC","x_transferred"],"url":"https://www.joomlacorner.com/joomla-news/joomla-vulnerability-news/834-joomla-jomres-component-script-insertion-and-sql-injection-vulnerabilities.html"}]}]},"cveMetadata":{"assignerOrgId":"44d08088-2bea-4760-83a6-1e9be26b15ab","assignerShortName":"flexera","cveId":"CVE-2013-3932","datePublished":"2020-01-02T19:26:30.000Z","dateReserved":"2013-06-04T00:00:00.000Z","dateUpdated":"2024-08-06T16:22:01.474Z","state":"PUBLISHED"},"dataType":"CVE_RECORD","dataVersion":"5.1"}