cpe:/a:joomlaworks:com_k2:1.0.1:beta CVE-2009-2395 2009-07-09T12:30:00.687-04:00 2017-09-18T21:29:05.123-04:00 7.5 NETWORK LOW NONE PARTIAL PARTIAL PARTIAL http://nvd.nist.gov 2009-07-09T13:18:00.000-04:00 BID 35517 EXPLOIT-DB 9030 VUPEN ADV-2009-1733 SQL injection vulnerability in the K2 (com_k2) component 1.0.1 Beta and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the category parameter in an itemlist action to index.php.