SQL Injection Vulnerability in NS Download Shop Component for Joomla!

SQL Injection Vulnerability in NS Download Shop Component for Joomla!

CVE-2017-15965 · HIGH Severity

AV:N/AC:L/AU:N/C:P/I:P/A:P

The NS Download Shop (aka com_ns_downloadshop) component 2.2.6 for Joomla! allows SQL Injection via the id parameter in an invoice.create action.

Learn more about our Cis Benchmark Audit For Microsoft Sql Server.