Cybersecurity & Regolamentazione UE

News & Sicurezza

Aggiornamenti da ENISA, NVD e le principali fonti di cybersecurity europee. Tutto quello che un Responsabile Tecnico deve sapere.

25013 risultati

VulnerabilitàAlta
CVE-2017-20266 (CVSS 8.2)

Joomla SP Movie Database 1.3 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the searchword parameter. Attackers can send GET requests to the searchresults view with crafted SQL payloads in the searchword parameter to extract sensitive database information.

NVD (NIST)19 giu 2026
VulnerabilitàAlta
CVE-2017-20265 (CVSS 7.1)

Joomla! Component Flip Wall 8.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the wallid parameter. Attackers can send GET requests to index.php with the option=com_flipwall&task=click&wallid parameter containing SQL injection payloads to extract sensitive database information.

NVD (NIST)19 giu 2026
VulnerabilitàAlta
CVE-2017-20264 (CVSS 7.1)

Joomla! Component Sponsor Wall 8.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the wallid parameter. Attackers can send GET requests to index.php with the option=com_sponsorwall&task=click&wallid parameter containing SQL injection payloads to extract sensitive database information including credentials and configuration data.

NVD (NIST)19 giu 2026
VulnerabilitàAlta
CVE-2017-20263 (CVSS 8.2)

Joomla! Component FocalPoint Pro/Free 1.2.3 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the id parameter. Attackers can send GET requests to index.php with option=com_focalpoint, view=location, and a crafted id parameter containing SQL commands to extract sensitive database information.

NVD (NIST)19 giu 2026
VulnerabilitàAlta
CVE-2017-20262 (CVSS 8.2)

Joomla! Component Ajax Quiz 1.8 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the cid parameter. Attackers can send GET requests to index.php with the option=com_ajaxquiz and view=ajaxquiz parameters to extract sensitive database information including table names and column structures.

NVD (NIST)19 giu 2026
VulnerabilitàAlta
CVE-2017-20261 (CVSS 8.2)

Joomla! Component Bargain Product VM3 1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the product_id parameter. Attackers can supply crafted SQL statements in GET requests to the brainy and alice views to extract sensitive database information.

NVD (NIST)19 giu 2026
VulnerabilitàAlta
CVE-2017-20260 (CVSS 8.2)

Joomla! Component Price Alert 3.0.2 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the product_id parameter. Attackers can send requests to the subscribeajax view with crafted SQL payloads in the product_id parameter to extract sensitive database information including credentials and configuration data.

NVD (NIST)19 giu 2026
VulnerabilitàAlta
CVE-2017-20259 (CVSS 8.2)

Joomla OSDownloads 1.7.4 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the id parameter. Attackers can send GET requests to index.php with option=com_osdownloads&view=item&id=[SQL] to extract sensitive database information including credentials and configuration data.

NVD (NIST)19 giu 2026
VulnerabilitàAlta
CVE-2017-20258 (CVSS 8.2)

Joomla! Component RPC Responsive Portfolio 1.6.1 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the id parameter. Attackers can send GET requests to index.php with option=com_pofos&view=pofo&id=[SQL] to extract sensitive database information.

NVD (NIST)19 giu 2026
VulnerabilitàAlta
CVE-2017-20257 (CVSS 8.2)

Joomla! Component Quiz Deluxe 3.7.4 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL commands through the ajaxaction.flag_question task. Attackers can inject malicious SQL code via the stu_quiz_id or flag_quest parameters to manipulate database queries and extract sensitive information.

NVD (NIST)19 giu 2026
VulnerabilitàAlta
CVE-2017-20256 (CVSS 8.2)

Joomla Survey Force Deluxe 3.2.4 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the invite parameter. Attackers can send GET requests to the component with crafted SQL payloads in the invite parameter to extract sensitive database information.

NVD (NIST)19 giu 2026
VulnerabilitàAlta
CVE-2017-20255 (CVSS 8.2)

Joomla! Component JB Visa 1.0 contains an SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code through the visatype parameter. Attackers can send GET requests to index.php with the option=com_bookpro and view=popup parameters, injecting SQL commands in the visatype parameter to extract sensitive database information including credentials and table contents.

NVD (NIST)19 giu 2026

Pagina 202 di 2085

Resta aggiornato sulla cybersecurity

Iscriviti a CodersRegistry per ricevere gli aggiornamenti più importanti su regolamentazione EU e vulnerabilità critiche.