MidnightBSD

Advisories for dthdevelopment

CVE-2016-1000271 HIGH

Joomla extension DT Register version before 3.1.12 (Joomla 3.x) / 2.8.18 (Joomla 2.5) contains an SQL injection in "/index.php?controller=calendar&format=raw&cat[0]=SQLi&task=events". This attack appears to be exploitable if the attacker can reach the web server.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-89,

Products Affected

Vendor Product Version
dthdevelopment dt_register *
CVE-2018-6584 HIGH

SQL Injection exists in the DT Register 3.2.7 component for Joomla! via a task=edit&id= request.

CVSS 2.0

Severity: HIGH

Problem Type: CWE-89,

Products Affected

Vendor Product Version
dthdevelopment dt_register 3.2.7