cpe:/a:joomla:com_yvcomment:1.1 cpe:/a:joomla:com_yvcomment:1.2 cpe:/a:joomla:com_yvcomment:1.3 cpe:/a:joomla:com_yvcomment:1.4 cpe:/a:joomla:com_yvcomment:1.5 cpe:/a:joomla:com_yvcomment:1.6 cpe:/a:joomla:com_yvcomment:1.7 cpe:/a:joomla:com_yvcomment:1.8 cpe:/a:joomla:com_yvcomment:1.9 cpe:/a:joomla:com_yvcomment:1.10 cpe:/a:joomla:com_yvcomment:1.11 cpe:/a:joomla:com_yvcomment:1.12 cpe:/a:joomla:com_yvcomment:1.13 cpe:/a:joomla:com_yvcomment:1.14 cpe:/a:joomla:com_yvcomment:1.15 cpe:/a:joomla:com_yvcomment:1.16 CVE-2008-2692 2008-06-13T15:41:00.000-04:00 2017-09-28T21:31:16.850-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2008-06-16T11:20:00.000-04:00 ALLOWS_OTHER_ACCESS BID 29596 SECUNIA 30567 EXPLOIT-DB 5755 XF yvcomment-index-sql-injection(42920) SQL injection vulnerability in the yvComment (com_yvcomment) component 1.16.0 and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the ArticleID parameter in a comment action to index.php.