cwjoomla vulnerabilities and exploits

7.5
CVSSv2
CVE-2018-7313

SQL Injection exists in the CW Tags 2.0.6 component for Joomla! via the searchtext array parameter....

CwjoomlaCw Tags
7.5
CVSSv2
CVE-2018-14592

The CWJoomla CW Article Attachments PRO extension before 2.0.7 and CW Article Attachments FREE extension before 1.0.6 for Joomla! allow SQL Injection within download.php....