CVE-2023-34477 Extension - braincert.com - SQLi in Virtual Classroom component for Joomla <= 1.6.0

2023-08-0716:50:55

CWE-89

Joomla

www.cve.org

extension joomla virtual-classroom sql-injection vulnerability

10 High

AI Score

Confidence

High

0.001 Low

EPSS

Percentile

33.1%

JSON

Improper Neutralization of Special Elements used in an SQL Command (‘SQL Injection’) vulnerability allows SQL Injection.

CNA Affected

[
  {
    "collectionURL": "https://extensions.joomla.org/extension/online-virtual-classroom/",
    "defaultStatus": "unaffected",
    "packageName": "com_virtualclassroom",
    "product": "Virtual Classroom component for Joomla",
    "vendor": "braincert.com",
    "versions": [
      {
        "status": "affected",
        "version": "1.0.0-1.25.0"
      }
    ]
  }
]

References

extensions.joomla.org/extension/online-virtual-classroom/