Multiple SQL injection vulnerabilities in the JE FAQ Pro (com_jefaqpro) component 1.5.0 for Joomla! allow remote malicious users to execute arbitrary SQL commands via category categorylist operations with (1) the catid parameter or (2) the catid parameter in a lists action.
Vulnerable Product | Search on Vulmon | Subscribe to Product |
---|---|---|
jextn com_jefaqpro 1.5.0 |