The CWJoomla CW Article Attachments PRO extension before 2.0.7 and CW Article Attachments FREE extension before 1.0.6 for Joomla! allow SQL Injection within download.php.
9.8CVSS
9.9AI Score
0.005EPSS
SQL Injection exists in the CW Tags 2.0.6 component for Joomla! via the searchtext array parameter.
9.8CVSS
9.8AI Score
0.003EPSS