Joomla extension DT Register version before 3.1.12 (Joomla 3.x) / 2.8.18 (Joomla 2.5) contains an SQL injection in “/index.php?controller=calendar&format=raw&cat[0]=SQLi&task=events”. This attack appears to be exploitable if the attacker can reach the web server.
CPE | Name | Operator | Version |
---|---|---|---|
dt_register | ge | 3.0.0 | |
dt_register | lt | 3.1.12 | |
dt_register | ge | 2.0.0 | |
dt_register | lt | 2.8.18 |