CNNVD-202508-1849 Information

CNNVD ID

CNNVD-202508-1849

Related CVE

CVE-2025-54474

• CNNVD Published: 2025-08-15

Description (Chinese)

Joomla!是Joomla!开源的一个自由、开放源代码的内容管理系统。 Joomla! 3.9.2-3.10.1版本存在SQL注入漏洞，该漏洞源于特权用户可执行任意SQL命令，可能导致SQL注入攻击。

Description (English)

Joomla! A free, open-source content management system for Joomla! Release 3.9.2-3.10.1 contains an injection loophole in SQL, which stems from the fact that privileged users can enforce arbitrary SQL orders, which could lead to an attack on SQL.

Hazard Level

High

Vulnerability Type

SQL注入

Affected Vendor

Joomla!

Published

2025-08-15

Last Modified

2026-02-24

References

https://dj-extensions.com/ https://access.redhat.com/security/cve/cve-2025-54474 https://nvd.nist.gov/vuln/detail/CVE-2025-54474