Vulnerabilities/

Joomla! 'J2Store < 3.3.7' SQL Injection

Severity:: High

Description

A vulnerability in the J2Store component for Joomla! allows attackers to inject and execute SQL commands on the website’s database, potentially leading to data theft, manipulation, or unauthorized access.

Recommendation

To mitigate the risk, upgrade J2Store to the latest stable version, which includes patches for the vulnerability (version 3.3.7 and above).

References

Joomla!
CVE-2019-9184
CAPEC-310
OWASP 2021-A6

Related Issues

Joomla! 1.5 < 3.4.5 RCE - CVE-2015-8562
Joomla! Component Advertisement Board 3.1.0 'catname' SQLI - CVE-2018-5982
Joomla! Component Aist 2.0 'id' SQLI - CVE-2018-5993
Joomla! Component AllVideos Reloaded 1.2.x 'divid' SQLI - CVE-2018-5990

Tags:: Joomla; SQL Injection

Anything's wrong? Let us know Last updated on May 13, 2024