CVE-2019-25753 - CERT CVE

  1. CVE-2019-25753

ID CVE-2019-25753
Sažetak Joomla! Component VMap 1.9.6 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code into the latlngbound parameter. Attackers can send GET requests to index.php with the option=com_vmap&task=loadmarker parameters containing SQL injection payloads to manipulate database queries and extract sensitive information.
Reference
CVSS
Base: 8.2
Impact: 4.2
Exploitability:3.9
Pristup
VektorSloženostAutentikacija
NETWORK LOW NONE
Impact
PovjerljivostCjelovitostDostupnost
HIGH LOW NONE
CVSS vektor CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N
Zadnje važnije ažuriranje 19-06-2026 - 18:16
Objavljeno 19-06-2026 - 18:16