CVE-2021-47930 Balbooa Joomla Forms Builder 2.0.6 SQL Injection Unauthenticated

Balbooa Joomla Forms Builder 2.0.6 contains an unauthenticated SQL injection vulnerability in the form submission handler that allows remote attackers to execute arbitrary SQL queries. Attackers can send POST requests to the combaforms component with malicious JSON payloads in the 'id' field...

CVE-2021-47930

Balbooa Joomla Forms Builder 2.0.6 is affected by an unauthenticated SQL injection in the form submission handler. The vulnerability can be triggered by sending POST requests to the com_baforms component with malicious JSON payloads in the 'id' field, enabling remote attackers to extract sensitiv...

PT-2026-39506

Balbooa Joomla Forms Builder 2.0.6 contains an unauthenticated SQL injection vulnerability in the form submission handler that allows remote attackers to execute arbitrary SQL queries. Attackers can send POST requests to the com baforms component with malicious JSON payloads in the 'id' field...

EUVD-2025-21872

Malicious code in bioql PyPI...

CVE-2025-49485

A SQL injection vulnerability in the Balbooa Forms plugin 1.0.0-2.3.1.1 for Joomla allows privileged users to execute arbitrary SQL commands via the 'id' parameter...

CVE-2025-49485

A SQL injection vulnerability in the Balbooa Forms plugin 1.0.0-2.3.1.1 for Joomla allows privileged users to execute arbitrary SQL commands via the 'id' parameter...

CVE-2025-49485

CVE-2025-49485: A SQL injection in Balbooa Forms for Joomla affects versions 1.0.0 through 2.3.1.1. The vulnerability is triggered via the id parameter, enabling privileged users to execute arbitrary SQL commands (per CVSS 4.0 metrics: NETWORK, HIGH impact on confidentiality/integrity/availabilit...

CVE-2025-49485 Extension - balbooa.com - SQL injection in Balbooa Forms component version 1.0.0 - 2.3.1.1 for Joomla

A SQL injection vulnerability in the Balbooa Forms plugin 1.0.0-2.3.1.1 for Joomla allows privileged users to execute arbitrary SQL commands via the 'id' parameter...

CVE-2025-49485 Extension - balbooa.com - SQL injection in Balbooa Forms component version 1.0.0 - 2.3.1.1 for Joomla

A SQL injection vulnerability in the Balbooa Forms plugin 1.0.0-2.3.1.1 for Joomla allows privileged users to execute arbitrary SQL commands via the 'id' parameter...

PT-2025-30022 · Joomla · Balbooa Forms

Name of the Vulnerable Software and Affected Versions: Balbooa Forms versions 1.0.0 through 2.3.1.1 Description: A SQL injection issue exists in the Balbooa Forms plugin for Joomla. Privileged users can execute arbitrary SQL commands through the id parameter. Recommendations: Balbooa Forms versio...

Balbooa Forms SQL注入漏洞

Balbooa Forms is a Joomla extension from Balbooa Inc. A SQL injection vulnerability exists in Balbooa Forms versions 1.0.0-2.3.1.1, which stems from an incorrect manipulation of the parameter id leading to a SQL injection attack...

Balbooa Joomla Forms Builder 2.0.6 - SQL Injection Vulnerability

Exploit Title: Balbooa Joomla Forms Builder 2.0.6 - SQL Injection Unauthenticated Exploit Author: blockomat2100 Vendor Homepage: https://www.balbooa.com/ Version: 2.0.6 Tested on: Docker An example request to trigger the SQL-Injection: POST /index.php?option=combaforms HTTP/1.1 Host: localhost...

Balbooa Forms, 2.0.6 (not tested on others), SQL Injection

Balbooa Forms, 2.0.6 , SQL Injection...