PT-2025-9835 · Joomla · Convert Forms

Adam Wallwork

Publicado

2025-03-05

Atualizado

2025-03-14

CVE-2025-22212

CVSS v3.1

2.7

Baixa

Vetor

AV:N/AC:L/PR:H/UI:N/S:U/C:N/I:L/A:N

Name of the Vulnerable Software and Affected Versions ConvertForms component versions 1.0.0 through 4.4.9 for Joomla

Description A SQL injection issue in the ConvertForms component for Joomla allows authenticated attackers, specifically administrators, to execute arbitrary SQL commands. This exploitation occurs in the submission management area of the backend.

Recommendations For ConvertForms component versions 1.0.0 through 4.4.9, update to a version that contains a fix for this issue to prevent SQL injection attacks.

Exploit

Correção

SQL injection

Encontrou algum problema na descrição? Tem algo a acrescentar? Fique à vontade para nos escrever 👾

dbugs@ptsecurity.com

Enumeração de Fraquezas

CWE-89

Identificadores relacionados

CVE-2025-22212

Produtos afetados

Convert Forms

PT-2025-9835 · Joomla · Convert Forms

CVE-2025-22212

Enumeração de Fraquezas

Identificadores relacionados

Produtos afetados

Referências · 7