5 matches found
CVE-2026-49048
The CVE-2026-49048 issue affects the Joomla extension JoomCCK (com_joomcck). A front-end controller task (tags.save) builds two SQL statements by directly concatenating a user-supplied request parameter into the query string without escaping or parameterisation, enabling unauthenticated SQL injec...
CVE-2026-49048 Joomla Extension - joomcoder.com - Unauthenticated SQL Injection in JoomCCK extension for Joomla < 6.4.1
The Joomla extension JoomCCK exposes a front-end controller task that builds two SQL statements by directly concatenating a user-supplied request parameter into the query string without escaping or parameterisation...
PT-2026-53162
Name of the Vulnerable Software and Affected Versions: JoomCCK, affected versions not specified. Description: A front-end controller task in the JoomCCK extension for Joomla is susceptible to SQL injection. This occurs because the application constructs two SQL statements by directly concatenating a...
PrestaShop SQL Injection Vulnerability
PrestaShop is an open source e-commerce solution from PrestaShop, Inc. in the United States. The solution provides multiple payment methods, short message alerts and product image zoom. A SQL injection vulnerability exists in PrestaShop versions 3.1.10 through 3.3.8, which stems from a SQL...
CVE-2019-5616
CVE-2019-5616 affects CircuitWerkes Sicon-8, a hardware device with a web-based front-end. The vulnerability is a client-side authentication flaw implemented in JavaScript running in the user’s browser, resulting in a read-only authentication bypass. According to the available sources, this is ne...