CVE-2020-25751

Sažetak

The paGO Commerce plugin 2.5.9.0 for Joomla! allows SQL Injection via the administrator/index.php?option=com_pago&view=comments filter_published parameter.

Reference

https://geekwire.eu/2020/09/14/joomla-pago-commerce-2-5-9-0-sql-injection-authenticated/
https://www.exploit-db.com/exploits/48811

CVSS

Base:	6.5
Impact:	6.4
Exploitability:	8.0

Pristup

Vektor	Složenost	Autentikacija
NETWORK	LOW	SINGLE

Impact

Povjerljivost	Cjelovitost	Dostupnost
PARTIAL	PARTIAL	PARTIAL

CVSS vektor

AV:N/AC:L/Au:S/C:P/I:P/A:P

Zadnje važnije ažuriranje

24-09-2020 - 13:58

Objavljeno

18-09-2020 - 04:15