Filtered by vendor Weborange
Subscriptions
Filtered by product Price Alert
Subscriptions
Total
1 CVE
| CVE | Vendors | Products | Updated | CVSS v3.1 |
|---|---|---|---|---|
| CVE-2017-20260 | 1 Weborange | 1 Price Alert | 2026-06-20 | 8.2 High |
| Joomla! Component Price Alert 3.0.2 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the product_id parameter. Attackers can send requests to the subscribeajax view with crafted SQL payloads in the product_id parameter to extract sensitive database information including credentials and configuration data. | ||||
Page 1 of 1.