CVE Search Engine - Security Vulnerabilities and Exploits Search Tool

ATTACKERKB•added 2026/06/19 4:58 p.m.•7 views

CVE-2017-20282

Exploits0References3Affected Software1

CVE•added 2026/06/19 4:58 p.m.•10 views

CVE-2017-20282

CVE-2017-20282 concerns the Joomla! Component jCart for OpenCart 2.0, where an SQL injection vulnerability exists in the product_id parameter. The flaw lets unauthenticated attackers supply crafted values via GET requests to index.php with the query string option=com_jcart&route=product/product a...

ATTACKERKB•added 2026/06/19 4:54 p.m.•6 views

CVE-2017-20281

Joomla! Component Extra Search 2.2.8 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the establename parameter. Attackers can send GET requests to index.php with the option=comextrasearch parameter and...

Exploits0References3Affected Software1

EUVD•added 2026/06/19 4:54 p.m.•5 views

EUVD-2017-19008

Cvelist•added 2026/06/19 4:54 p.m.•27 views

CVE-2017-20281 Joomla! Component Extra Search 2.2.8 SQL Injection

8.8CVSS0.00267EPSS

CVE•added 2026/06/19 4:54 p.m.•11 views

CVE-2017-20281

Joomla! Component Extra Search 2.2.8 contains an SQL injection vulnerability in the establename parameter (index.php?option=com_extrasearch). The issue allows unauthenticated attackers to manipulate database queries and extract sensitive information. Evidence in CVE records and AttackerKB confirm...

CVE•added 2026/06/19 4:51 p.m.•10 views

CVE-2017-20280

影

EUVD•added 2026/06/19 4:51 p.m.•4 views

EUVD-2017-19007

Joomla Component Myportfolio 3.0.2 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the pid parameter. Attackers can send GET requests to index.php with malicious pid values in the task=project&view=grid...

ATTACKERKB•added 2026/06/19 4:51 p.m.•6 views

CVE-2017-20280

Exploits0References2Affected Software1

Cvelist•added 2026/06/19 4:51 p.m.•30 views

CVE-2017-20280 Joomla Component Myportfolio 3.0.2 SQL Injection via pid Parameter

8.8CVSS0.00237EPSS

Cvelist•added 2026/06/19 4:48 p.m.•27 views

CVE-2017-20279 Joomla Payage 2.05 SQL Injection via aid Parameter

Joomla Payage 2.05 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the aid parameter. Attackers can send GET requests to index.php with malicious aid values in the makepayment task to extract sensitive...

8.8CVSS0.00237EPSS

EUVD•added 2026/06/19 4:48 p.m.•8 views

EUVD-2017-19006

CVE•added 2026/06/19 4:48 p.m.•10 views

CVE-2017-20279

Joomla Payage 2.05 is affected by an SQL injection in the aid parameter used in the make_payment task (unauthenticated access). The vulnerability allows manipulation of database queries, enabling extraction of sensitive data via boolean-based blind or time-based blind techniques. This is supporte...

ATTACKERKB•added 2026/06/19 4:48 p.m.•8 views

CVE-2017-20279

Exploits0References2Affected Software1

ATTACKERKB•added 2026/06/19 4:44 p.m.•7 views

CVE-2017-20278

Joomla Component JoomRecipe 1.0.3 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the category parameter. Attackers can send GET requests to the all-recipes endpoint with malicious SQL payloads in the...

Exploits0References2Affected Software1

Cvelist•added 2026/06/19 4:44 p.m.•30 views

CVE-2017-20278 Joomla JoomRecipe 1.0.3 SQL Injection via category parameter

8.8CVSS0.00237EPSS

CVE•added 2026/06/19 4:44 p.m.•9 views

CVE-2017-20278

CVE-2017-20278 : Joomla Component JoomRecipe 1.0.3 contains an SQL injection vulnerability exploitable via the category parameter in the all-recipes endpoint. Attacks can be performed by unauthenticated users to manipulate queries and extract sensitive database information. The connected document...

EUVD•added 2026/06/19 4:44 p.m.•5 views

EUVD-2017-19005