CVSS: 10.0EPSS: 0%CPEs: 1EXPL: 1CVE-2021-33925
https://notcve.org/view.php?id=CVE-2021-33925
15 Feb 2023 — SQL Injection vulnerability in nitinparashar30 cms-corephp through commit bdabe52ef282846823bda102728a35506d0ec8f9 (May 19, 2021) allows unauthenticated attackers to gain escilated privledges via a crafted login. • https://github.com/nitinp1232/cms-corephp/issues/1 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 1CVE-2020-25751
https://notcve.org/view.php?id=CVE-2020-25751
18 Sep 2020 — The paGO Commerce plugin 2.5.9.0 for Joomla! allows SQL Injection via the administrator/index.php?option=com_pago&view=comments filter_published parameter. El plugin paGO Commerce versión 2.5.9.0 para Joomla!, permite una inyección SQL por medio del parámetro filter_published de administrator/index.php? • https://geekwire.eu/2020/09/14/joomla-pago-commerce-2-5-9-0-sql-injection-authenticated • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 1%CPEs: 2EXPL: 3CVE-2009-4598 – Joomla! Component com_jphoto - 'id' SQL Injection
https://notcve.org/view.php?id=CVE-2009-4598
12 Jan 2010 — SQL injection vulnerability in the JPhoto (com_jphoto) component 1.0 for Joomla! allows remote attackers to execute arbitrary SQL commands via the id parameter in a category action to index.php. Vulnerabilidad de inyeccion SQL en el componente JPhoto (com_jphoto) v1.0 para Joomla! permite a atacantes remotos ejecutar comandos SQl arbitrarios a través del parámetro "id" en una acción "category" a index.php. • https://www.exploit-db.com/exploits/10367 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •