-

Byte Open Security

(ByteOS Network)

Log In

Sign Up

ByteOS

Security

Vulnerability Details

Registries

Custom Views

Weaknesses

Attack Patterns

Filters & Tools

invitex

Source -

NVD

CNA CVEs -

0

ADP CVEs -

0

CISA CVEs -

0

NVD CVEs -

1

Related CVEs Related Vendors Related Assigners Reports

1Vulnerabilities found

Assigner-MITRE Corporation

Assigner-MITRE Corporation

CVSS Score-9.8||CRITICAL

EPSS-1.49% / 80.26%

||

7 Day CHG~0.00%

Published-17 Feb, 2018 | 07:00

Updated-05 Aug, 2024 | 06:01

Rejected-Not Available

Known To Be Used In Ransomware Campaigns?-Not Available

KEV Added-Not Available

KEV Action Due Date-Not Available

SQL Injection exists in the InviteX 3.0.5 component for Joomla! via the invite_type parameter in a view=invites action.

Action-Not Available

Vendor-techjoomla n/a

Product-invitex n/a

CWE ID-CWE-89

Improper Neutralization of Special Elements used in an SQL Command ('SQL Injection')