CVE-2020-25751

CVE-2020-25751

EPSS 1.8%

The paGO Commerce plugin 2.5.9.0 for Joomla! allows SQL Injection via the administrator/index.php?option=com_pago&view=comments filter_published parameter.

Affected products

Want to know if your infrastructure is exposed to this?

Talk to TrueHacking →

References

https://geekwire.eu/2020/09/14/joomla-pago-commerce-2-5-9-0-sql-injection-authenticated/https://www.exploit-db.com/exploits/48811