J2store: >> J2store >> 3.1.1 Security Vulnerabilities
The J2Store plugin before 3.3.13 for Joomla! allows a SQL injection attack by a trusted store manager.
CVSS Score
8.8
EPSS Score
0.011
Published
2020-06-09
Multiple SQL injection vulnerabilities in the J2Store (com_j2store) extension before 3.1.7 for Joomla! allow remote attackers to execute arbitrary SQL commands via the (1) sortby or (2) manufacturer_ids[] parameter to index.php.
CVSS Score
7.5
EPSS Score
0.004
Published
2015-08-18