3 matches found
CVE-2017-7627
The CVE-2017-7627 issue concerns the Joomla! extension “Smart related articles” (version 1.1). The root cause is a missing _JEXEC check in dialog.php, which permits direct requests bypassing proper initialization. Affected software is the Smart related articles extension for Joomla!, exposing a p...
CVE-2017-7628
The vulnerability CVE-2017-7628 affects Joomla! via the Smart related articles extension (version 1.1). A SQL injection is triggered in dialog.php when an attacker submits the search_cats parameter in a POST request, potentially exposing database information. Connected CNVD/NVD entries confirm th...
CVE-2017-7626
The CVE-2017-7626 entry concerns the Joomla! ecosystem: the Smart related articles extension 1.1 for Joomla! contains a cross-site scripting (XSS) vulnerability in dialog.php, triggered via parameters n_art and type in the GET method. The issue is documented across sources (NVD entry and CNVD/CVE...