CVSS: 8.8EPSS: 0%CPEs: 1EXPL: 3CVE-2018-12254 – Joomla! Component Ek Rishta 2.10 - SQL Injection
https://notcve.org/view.php?id=CVE-2018-12254
12 Jun 2018 — router.php in the Harmis Ek rishta (aka ek-rishta) 2.10 component for Joomla! allows SQL Injection via the PATH_INFO to a home/requested_user/Sent%20interest/ URI. router.php en el componente Harmis Ek rishta (también conocido como ek-rishta) 2.10 para Joomla! permite la inyección SQL mediante PATH_INFO a un URI home/requested_user/Sent%20interest/. Joomla Ek Rishta component version 2.10 suffers from a remote SQL injection vulnerability. • https://packetstorm.news/files/id/148189 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •
CVSS: 9.8EPSS: 1%CPEs: 1EXPL: 3CVE-2018-7315 – Joomla! Component Ek Rishta 2.9 - SQL Injection
https://notcve.org/view.php?id=CVE-2018-7315
22 Feb 2018 — SQL Injection exists in the Ek Rishta 2.9 component for Joomla! via the gender, age1, age2, religion, mothertounge, caste, or country parameter. Existe inyección SQL en el componente Ek Rishta 3.0.2 para Joomla! mediante los parámetros gender, age1, age2, religion, mothertounge, caste o country. Joomla! • https://packetstorm.news/files/id/146548 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •