The paGO Commerce plugin 2.5.9.0 for Joomla! allows SQL Injection via the administrator/index.php?option=com_pago&view=comments filter_published parameter.
References
Link | Resource |
---|---|
https://geekwire.eu/2020/09/14/joomla-pago-commerce-2-5-9-0-sql-injection-authenticated/ | Third Party Advisory |
https://www.exploit-db.com/exploits/48811 | Exploit Third Party Advisory VDB Entry |
Configurations
History
No history.
Information
Published : 2020-09-18 04:15
Updated : 2024-02-04 21:23
NVD link : CVE-2020-25751
Mitre link : CVE-2020-25751
CVE.ORG link : CVE-2020-25751
JSON object : View
Products Affected
corephp
- pago_commerce
CWE
CWE-89
Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')