MidnightBSD

Advisories for cwjoomla

CVE-2018-14592 HIGH

The CWJoomla CW Article Attachments PRO extension before 2.0.7 and CW Article Attachments FREE extension before 1.0.6 for Joomla! allow SQL Injection within download.php.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-89,

Products Affected

Vendor Product Version
cwjoomla cw_article_attachments_pro *
cwjoomla cw_article_attachments_free *
CVE-2018-7313 HIGH

SQL Injection exists in the CW Tags 2.0.6 component for Joomla! via the searchtext array parameter.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-89,

Products Affected

Vendor Product Version
cwjoomla cw_tags 2.0.6