Search
Search Results (2 CVEs found)
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2026-49049 | 1 Joomshaper | 1 Helix3 Extension For Joomla | 2026-07-01 | 7.5 High |
| The Helix3 plugin for Joomla exposes an ajax handler task, that allows unauthenticated attackers to delete arbitrary files, write arbitrary JSON files and update template parameters. | ||||
| CVE-2017-20266 | 1 Joomshaper | 1 Sp Movie Database | 2026-06-22 | 8.2 High |
| Joomla SP Movie Database 1.3 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the searchword parameter. Attackers can send GET requests to the searchresults view with crafted SQL payloads in the searchword parameter to extract sensitive database information. | ||||
Page 1 of 1.