SQL Injection Vulnerability in JNews Joomla Component (Versions prior to 8.5.0)

SQL Injection Vulnerability in JNews Joomla Component (Versions prior to 8.5.0)

CVE-2015-7342 · HIGH Severity

CVSS:3.1/AV:N/AC:L/PR:H/UI:N/S:U/C:H/I:H/A:H

JNews Joomla Component before 8.5.0 allows SQL injection via upload thumbnail, Queue Search Field, Subscribers Search Field, or Newsletters Search Field.

Learn more about our Cis Benchmark Audit For Microsoft Sql Server.