Sql injection

2017-10-2906:29:00

PRIOn knowledge base

www.prio-n.com

9.8 High

AI Score

Confidence

High

0.004 Low

EPSS

Percentile

72.8%

The NS Download Shop (aka com_ns_downloadshop) component 2.2.6 for Joomla! allows SQL Injection via the id parameter in an invoice.create action.

CPENameOperatorVersion
ns_download_shopeq2.2.6

CPE	Name	Operator	Version
	ns_download_shop	eq	2.2.6

References

www.securityfocus.com/bid/101624

packetstormsecurity.com/files/144435/Joomla-NS-Download-Shop-2.2.6-SQL-Injection.html

www.exploit-db.com/exploits/43094/