CVE-2009-2395

NONE EPSS 85.9%
Published Jul 9, 200916y ago · Modified Jun 16, 20262w ago
Find Similar
Published Jul 9, 2009 16y ago
Last Modified Jun 16, 2026 2w ago

Description

SQL injection vulnerability in the K2 (com_k2) component 1.0.1 Beta and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the category parameter in an itemlist action to index.php.

Threat Intelligence

EPSS Exploit Probability
85.9% percentile
Exploit & Patch Status
Public Exploit Known
No Patch Available

Weaknesses 1

CWE-89 SQL Injection Injection

Affected Products 2

VendorProductVersionRange
joomlaworkscom_k2* ≤1.0.1
joomlajoomla\!*any

References 3

Remediation

No remediation data recorded yet

Check vendor advisories and the NVD entry for patch availability.