13 matches found
CVE-2026-35221
Improperly built filter clauses lead to a SQL injection vulnerability in the search query for comfinder...
BIT-JOOMLA-2026-35221 Joomla! Core - [20260506] - Authenticated blind SQLi in com_finder
Improperly built filter clauses lead to a SQL injection vulnerability in the search query for comfinder...
CVE-2026-35221
Improperly built filter clauses lead to a SQL injection vulnerability in the search query for comfinder...
CVE-2026-35221 Joomla! Core - [20260506] - Authenticated blind SQLi in com_finder
Improperly built filter clauses lead to a SQL injection vulnerability in the search query for comfinder...
CVE-2026-35221
CVE-2026-35221 affects Joomla! Core via com_finder search due to improperly built filter clauses, enabling authenticated blind SQL injection. Evidence across sources (NVD/NIST, CVE List, Vuln enrichment, Attackerkb, EUVD) consistently describe an authenticated SQLi in com_finder. No explicit prod...
Joomla! CMS SQL注入漏洞
Joomla! CMS is a content management system developed under the open source Joomla! framework. The Joomla! CMS has a SQL injection vulnerability, which stems from improper construction of filter clauses. This vulnerability may lead to SQL injection in the comfinder search query...
Joomla! information disclosure vulnerability (CNVD-2020-75068)
Joomla! is a globally recognized content management system developed using the PHP language coupled with a MySQL database that can be implemented on various platforms such as Linux, Windows, MacOSX, and many others. An information disclosure vulnerability exists in Joomla! 2.5.0 - 3.9.22. The...
Design/Logic Flaw
An issue was discovered in Joomla! 2.5.0 through 3.9.22. The autosuggestion feature of comfinder did not respect the access level of the corresponding terms...
CVE-2020-35610
CVE-2020-35610 affects Joomla! 2.5.0 through 3.9.22 where the autosuggestion feature of the component com_finder ignores the access level of terms, potentially exposing restricted information. The issue is described across multiple sources, noting the same root cause and affected range. The CVSS ...
CVE-2020-35610 [20201101] - Core - com_finder ignores access levels on autosuggest
An issue was discovered in Joomla! 2.5.0 through 3.9.22. The autosuggestion feature of comfinder did not respect the access level of the corresponding terms...
Joomla! 安全漏洞
Joomla! is a globally recognized content management system developed using the PHP language coupled with a MySQL database that can be implemented on various platforms such as Linux, Windows, MacOSX, and many others. An information disclosure vulnerability exists in Joomla! 2.5.0 - 3.9.22. The...
[20201101] - Core - com_finder ignores access levels on autosuggest
The autosuggestion feature of comfinder did not respect the access level of the corresponding terms...
Joomla Com_Finder 4.0.0 Database Disclosure
Exploit Title : Joomla ComFinder Components 4.0.0 Database Backup Disclosure Author Discovered By : KingSkrupellos from Cyberizm Digital Security Army Date : 02/12/2018 Vendor Homepage : joomla.org Software Download Links :...