SQL Injection in Dj-extensions.com Dj-classifieds Component For Joomla
CVE-2025-54474
A SQLi vulnerability in DJ-Classifieds component 3.9.2-3.10.1 for Joomla was discovered. The issue allows privileged users to execute arbitrary SQL commands.
Vulnerability class: SQL Injection
EPSS: 0.003 (21.4th percentile) — read the EPSS interpretation.
Affected products
- Dj-extensions.com Dj-classifieds Component For Joomla — versions 3.9.2-3.10.1
Weakness classification (CWE)
References
- security@joomla.org (product)