ByteOS Network

Ek Rishta

Source -

CNA

CNA CVEs -

ADP CVEs -

CISA CVEs -

NVD CVEs -

2Vulnerabilities found

CVE-2018-25351

Assigner-VulnCheck

View Details

Assigner-VulnCheck

CVSS Score-8.8||HIGH

EPSS-Not Assigned

Published-23 May, 2026 | 18:30

Updated-23 May, 2026 | 18:30

Joomla! Component EkRishta 2.10 SQL Injection via username

Joomla! Component EkRishta 2.10 contains an error-based SQL injection vulnerability that allows unauthenticated attackers to execute arbitrary SQL queries by injecting malicious code into the username parameter. Attackers can submit POST requests to the login endpoint with SQL injection payloads in the username field to extract database information including user credentials and system details.

Vendor-harmistechnology

Product-Ek Rishta

CWE ID-CWE-89

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')

CVE-2018-25348

Assigner-VulnCheck

View Details

Assigner-VulnCheck

CVSS Score-8.8||HIGH

EPSS-Not Assigned

Published-23 May, 2026 | 18:30

Updated-23 May, 2026 | 18:30

Joomla! Component Ek Rishta 2.10 SQL Injection via user_detail

Joomla! Component Ek Rishta 2.10 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the cid parameter. Attackers can send GET requests to the user_detail view with malicious cid values containing SQL commands to extract sensitive database information.

Vendor-harmistechnology

Product-Ek Rishta

CWE ID-CWE-89

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')