Lucene search

MitreCVELIST:CVE-2019-9918

HistoryMar 29, 2019 - 2:05 p.m.

CVE-2019-9918

2019-03-2914:05:45

mitre

www.cve.org

8.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N

9.6 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

44.4%

JSON

An issue was discovered in the Harmis JE Messenger component 1.2.2 for Joomla!. Input does not get validated and queries are not written in a way to prevent SQL injection. Therefore arbitrary SQL-Statements can be executed in the database.

References

extensions.joomla.org/extension/je-messenger/

github.com/azd-cert/CVE/blob/master/CVEs/CVE-2019-9918.md

8.5 High

CVSS3

Attack Vector

NETWORK

Attack Complexity

LOW

Privileges Required

LOW

User Interaction

NONE

Scope

CHANGED

Confidentiality Impact

HIGH

Integrity Impact

LOW

Availability Impact

NONE

CVSS:3.0/AV:N/AC:L/PR:L/UI:N/S:C/C:H/I:L/A:N

9.6 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

44.4%

JSON

Related for CVELIST:CVE-2019-9918