Vulnerability in N/a
CVE-2018-17254
The JCK Editor component 6.4.4 for Joomla! allows SQL Injection via the jtreelink/dialogs/links.php parent parameter.
EPSS: 0.852 (99.4th percentile) — read the EPSS interpretation.
Affected products
- N/a — versions n/a
Public proof-of-concept exploits
References
- 45423 (exploit, x_refsource_EXPLOIT-DB)
- packetstormsecurity.com/files/161683/Joomla-JCK-Editor-6.4.4-SQL-Injection.html (x_refsource_MISC)
Frequently asked questions
- What is CVE-2018-17254?
- CVE-2018-17254 is a vulnerability in N/a. Published 2018-09-20.
- Is CVE-2018-17254 known to be exploited?
- 7 public proof-of-concept repositories are indexed. Not currently listed in the CISA KEV catalog.