2 matches found
Joomla CW Article Attachments 1.0.6 - id SQL Injection Vulnerability
Exploit for php platform in category web applications Exploit Title: Joomla! CW Article Attachments 1.0.6 - 'id' SQL Injection Exploit Author: Haboob Team Software Link: https://extensions.joomla.org/extension/cw-article-attachments/ Version: below 1.0.6 CVE : CVE-2018-14592...
CVE-2018-14592
CVE-2018-14592 affects Joomla! extensions CWJoomla CW Article Attachments PRO (before 2.0.7) and CW Article Attachments FREE (before 1.0.6). The vulnerability is an SQL Injection in download.php, allowing remote attackers to execute SQL commands. Impact per sources indicates high/critical severit...