SQL injection vulnerability in the (1) casinobase (com_casinobase), (2) casino_blackjack (com_casino_blackjack), and (3) casino_videopoker (com_casino_videopoker) components 0.3.1 for Joomla! allows remote attackers to execute arbitrary SQL commands via the Itemid parameter to index.php.
2009-06-27T18:48:02.703
2025-04-09T00:30:58.490
Deferred
CVSSv2: 7.5 (HIGH)
AV:N/AC:L/Au:N/C:P/I:P/A:P
10.0
6.4
| Type | Vendor | Product | Version/Range | Vulnerable? |
|---|---|---|---|---|
| Application | joomla | joomla | * | No |
| Application | joomla | com_casiino_blackjack | 0.3.1 | Yes |
| Application | joomla | com_casino_videopoker | 0.3.1 | Yes |
| Application | joomla | com_casinobase | 0.3.1 | Yes |