1 results (0.014 seconds)

CVSS: 7.5EPSS: 0%CPEs: 2EXPL: 4

SQL injection vulnerability in the Payments Plus component 2.1.5 for Joomla! allows remote attackers to execute arbitrary SQL commands via the type parameter to add.html. Vulnerabilidad de inyección SQL en el componente Payments Plus 2.1.5 de Joomla! permite a atacantes remotos ejecutar comandos SQL de su elección a través del parámetro type de add.html. • https://www.exploit-db.com/exploits/14265 http://packetstormsecurity.org/1007-exploits/joomlapaymentsplus-sql.txt http://securityreason.com/securityalert/8497 http://www.exploit-db.com/exploits/14265 http://www.securityfocus.com/bid/41458 https://exchange.xforce.ibmcloud.com/vulnerabilities/60166 • CWE-89: Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection') •