Intrusion Prevention

Joomla!.Component.AllVideos.Reloaded.SQL.Injection

Description

This indicates an attack attempt to exploit a SQL Injection vulnerability in Joomla! Component AllVideos Reloaded.
The vulnerability is due to insufficient sanitizing of user supplied inputs in the application when handling a craft HTTP request. A remote attacker may be able exploit this this to send a crafted query to execute SQL commands within the context of the application.

Affected Products

Joomla! Component AllVideos Reloaded version 1.2 to version 1.2.7

Impact

System Compromise: Remote attackers can access or modify data in the database of the affected application

Recommended Actions

Apply latest patch or upgrade to the latest version from the vendor.
http://joomlacode.org/gf/project/allvideos15/frs/?action=FrsReleaseBrowse&frs_package_id=3564

CVE References

CVE-2018-5990

Other References

44107