First published: Fri Sep 18 2020(Updated: )
The paGO Commerce plugin 2.5.9.0 for Joomla! allows SQL Injection via the administrator/index.php?option=com_pago&view=comments filter_published parameter.
Credit: cve@mitre.org
Affected Software | Affected Version | How to fix |
---|---|---|
Corephp Pago Commerce | =2.5.9.0 |
Sign up to SecAlerts for real-time vulnerability data matched to your software, aggregated from hundreds of sources.
The vulnerability ID for this issue is CVE-2020-25751.
The title of this vulnerability is 'The paGO Commerce plugin 2.5.9.0 for Joomla! allows SQL Injection via the administrator/index.php?option=com_pago&view=comments filter_published parameter.'
The severity of CVE-2020-25751 is high with a severity value of 8.8.
This vulnerability affects the paGO Commerce plugin version 2.5.9.0 for Joomla.
The SQL Injection can be exploited by manipulating the filter_published parameter in the administrator/index.php?option=com_pago&view=comments URL.