COM K2

DATE	CVE	VULNERABILITY TITLE	RISK
2009-07-09	CVE-2009-2395	SQL Injection vulnerability in Joomlaworks COM K2 SQL injection vulnerability in the K2 (com_k2) component 1.0.1 Beta and earlier for Joomla! allows remote attackers to execute arbitrary SQL commands via the category parameter in an itemlist action to index.php. network low complexity joomlaworks joomla CWE-89	7.5

CVE is a registered MITRE Corporation trademark and MITRE's CVE website is the authoritative source of CVE content. CWE is a registered MITRE Corporation trademark and MITRE's CWE website is the authoritative source of CWE content.