CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 2CVE-2018-12254 – Joomla! Component Ek Rishta 2.10 - SQL Injection
https://notcve.org/view.php?id=CVE-2018-12254
router.php in the Harmis Ek rishta (aka ek-rishta) 2.10 component for Joomla! allows SQL Injection via the PATH_INFO to a home/requested_user/Sent%20interest/ URI. router.php en el componente Harmis Ek rishta (también conocido como ek-rishta) 2.10 para Joomla! permite la inyección SQL mediante PATH_INFO a un URI home/requested_user/Sent%20interest/. Joomla Ek Rishta component version 2.10 suffers from a remote SQL injection vulnerability. • https://www.exploit-db.com/exploits/44893 https://m4k4br0.github.io/sql-injection-joomla-component • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 0%CPEs: 1EXPL: 2CVE-2018-7315 – Joomla! Component Ek Rishta 2.9 - SQL Injection
https://notcve.org/view.php?id=CVE-2018-7315
SQL Injection exists in the Ek Rishta 2.9 component for Joomla! via the gender, age1, age2, religion, mothertounge, caste, or country parameter. Existe inyección SQL en el componente Ek Rishta 3.0.2 para Joomla! mediante los parámetros gender, age1, age2, religion, mothertounge, caste o country. Joomla! • https://www.exploit-db.com/exploits/44161 https://exploit-db.com/exploits/44161 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •