What is CVE-2015-7297?

CVE-2015-7297 is a vulnerability in Joomla Joomla\!, classified under SQL Injection. Published 2015-10-29.

Is CVE-2015-7297 known to be exploited?

33 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.

SQL Injection in Joomla Joomla\!

CVE-2015-7297

SQL injection vulnerability in Joomla! 3.2 before 3.4.4 allows remote attackers to execute arbitrary SQL commands via unspecified vectors, a different vulnerability than CVE-2015-7858.

Vulnerability class: SQL Injection

EPSS: 0.916 (99.7th percentile) — read the EPSS interpretation.

Affected products

Joomla Joomla\! — versions 3.2.0, 3.2.1, 3.2.2
N/a — versions n/a

Weakness classification (CWE)

CWE-89 — SQL Injection

Public proof-of-concept exploits

References

cve@mitre.org (Exploit, x_refsource_MISC)
cve@mitre.org (x_refsource_MISC)
77295 (vdb-entry, x_refsource_BID)
1033950 (vdb-entry, x_refsource_SECTRACK)
cve@mitre.org (x_refsource_MISC)
38797 (exploit, x_refsource_EXPLOIT-DB)
cve@mitre.org (x_refsource_MISC)
cve@mitre.org (x_refsource_MISC)
cve@mitre.org (x_refsource_CONFIRM)

Frequently asked questions

What is CVE-2015-7297?: CVE-2015-7297 is a vulnerability in Joomla Joomla\!, classified under SQL Injection. Published 2015-10-29.
Is CVE-2015-7297 known to be exploited?: 33 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.