JNews Joomla Component before 8.5.0 allows SQL injection via upload thumbnail, Queue Search Field, Subscribers Search Field, or Newsletters Search Field.
References
Link | Resource |
---|---|
https://labs.integrity.pt/advisories/cve-2015-7342/ | Exploit Third Party Advisory |
Configurations
Information
Published : 2020-03-09 10:15
Updated : 2020-03-10 06:28
NVD link : CVE-2015-7342
Mitre link : CVE-2015-7342
JSON object : View
CWE
CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')
Products Affected
joobi
- jnews