GHSA-625w-9wpc-g966HighCVSS 7.1
Joomla J-CruisePortal 6.0.4 contains an SQL injection vulnerability that allows authenticated...
🔗 CVE IDs covered (1)
📋 Description
Joomla J-CruisePortal 6.0.4 contains an SQL injection vulnerability that allows authenticated attackers to execute arbitrary SQL queries by injecting malicious code through the guest_adult parameter. Attackers can send POST requests to the cruises endpoint with crafted SQL payloads in the guest_adult parameter to extract sensitive database information or manipulate database records.