RSS   Vulnerabilities for 'Smart related articles'   RSS

2017-04-12
 
CVE-2017-7628

 

 
The "Smart related articles" extension 1.1 for Joomla! has SQL injection in dialog.php (attacker must use search_cats variable in POST method to exploit this vulnerability).

 
 
CVE-2017-7627

CWE-noinfo
 

 
The "Smart related articles" extension 1.1 for Joomla! does not prevent direct requests to dialog.php (there is a missing _JEXEC check).

 
 
CVE-2017-7626

 

 
The "Smart related articles" extension 1.1 for Joomla! has XSS in dialog.php (n_art,type in GET Method).

 


Copyright 2024, cxsecurity.com

 

Back to Top