Finding entry points Branch analysis from position: 0 1 jumps found. (Code = 62) Position 1 = -2 filename: /in/uoaSJ function name: (null) number of ops: 19 compiled vars: !0 = $html, !1 = $doc, !2 = $xpath, !3 = $feed_items line #* E I O op fetch ext return operands ------------------------------------------------------------------------------------- 3 0 E > ASSIGN !0, '%3Cul%3E%0A%3Cli%3E%3Cstrong%3EProject%3A%3C%2Fstrong%3E+Joomla%21%3C%2Fli%3E%0A%3Cli%3E%3Cstrong%3ESubProject%3A%3C%2Fstrong%3E+CMS%3C%2Fli%3E%0A%3Cli%3E%3Cstrong%3EImpact%3A%3C%2Fstrong%3E+%3Cspan+class%3D%22label+label-danger%22%3EHigh%3C%2Fspan%3E%3C%2Fli%3E%0A%3Cli%3E%3Cstrong%3ESeverity%3A%3C%2Fstrong%3E+%3Cspan+class%3D%22label+label-info%22%3ELow%3C%2Fspan%3E%3C%2Fli%3E%0A%3Cli%3E%3Cstrong%3EVersions%3A%3C%2Fstrong%3E+2.5.0+-+3.9.13%3C%2Fli%3E%0A%3Cli%3E%3Cstrong%3EExploit+type%3A%3C%2Fstrong%3E+SQL+injection%3C%2Fli%3E%0A%3Cli%3E%3Cstrong%3EReported+Date%3A%3C%2Fstrong%3E+2019-December-01%3C%2Fli%3E%0A%3Cli%3E%3Cstrong%3EFixed+Date%3A%3C%2Fstrong%3E+2019-December-17%3C%2Fli%3E%0A%3Cli%3E%3Cstrong%3ECVE+Number%3A%3C%2Fstrong%3E+%3Ca+href%3D%22https%3A%2F%2Fcve.mitre.org%2Fcgi-bin%2Fcvename.cgi%3Fname%3DCVE-2019-19846%22%3ECVE-2019-19846%3C%2Fa%3E%3C%2Fli%3E%0A%3C%2Ful%3E%0A%3Ch3%3EDescription%3C%2Fh3%3E%0A%3Cp%3EThe+lack+of+validation+of+configuration+parameters+used+in+SQL+queries+caused+various+SQL+injection+vectors.%3C%2Fp%3E%0A%3Ch3%3EAffected+Installs%3C%2Fh3%3E%0A%3Cp%3EJoomla%21+CMS+versions+2.5.0+-+3.9.13%3C%2Fp%3E%0A%3Ch3%3ESolution%3C%2Fh3%3E%0A%3Cp%3EUpgrade+to+version+3.9.14%3C%2Fp%3E%0A%3Ch3%3EContact%3C%2Fh3%3E%0A%3Cp%3EThe+JSST+at+the+%3Ca+title%3D%22Contact+the+JSST%22+href%3D%22https%3A%2F%2Fdeveloper.joomla.org%2Fsecurity-centre.html%22%3EJoomla%21+Security+Centre%3C%2Fa%3E.%3C%2Fp%3E%0A%3Cdiv+class%3D%22alert+alert-info%22%3E%3Cstrong%3EReported+By%3A+%3C%2Fstrong%3Eka1n4t%3C%2Fdiv%3E%3Cdiv+class%3D%22feedflare%22%3E%0A%3Ca+href%3D%22https%3A%2F%2Ffeeds.joomla.org%2F%7Eff%2FJoomlaSecurityNews%3Fa%3DGIZJHbqr1wQ%3AmKZamezlv3g%3AyIl2AUoC8zA%22%3E%3C%2Fa%3E%0A%3C%2Fdiv%3E' 26 1 NEW $5 'DOMDocument' 2 DO_FCALL 0 3 ASSIGN !1, $5 27 4 INIT_METHOD_CALL !1, 'loadHTML' 5 SEND_VAR_EX !0 6 DO_FCALL 0 28 7 NEW $9 'DOMXPath' 8 SEND_VAR_EX !1 9 DO_FCALL 0 10 ASSIGN !2, $9 29 11 INIT_METHOD_CALL !2, 'query' 12 SEND_VAL_EX '%2F%2Fdiv%5Bcontains%28%40class%2C+%22feed-item-description%22%29%5D' 13 DO_FCALL 0 $12 14 ASSIGN !3, $12 30 15 INIT_FCALL 'var_dump' 16 SEND_VAR !3 17 DO_ICALL 18 > RETURN 1
Generated using Vulcan Logic Dumper, using php 8.0.0