What is GHSA-rrm4-c4hh-wqg7?

GHSA-rrm4-c4hh-wqg7 is a security advisory published by GitHub Security Advisories with High severity. Joomla! Component Ek Rishta 2.10 contains an SQL injection vulnerability that allows...

Which CVE IDs does GHSA-rrm4-c4hh-wqg7 cover?

GHSA-rrm4-c4hh-wqg7 covers the following CVE IDs: CVE-2018-25348. Each CVE has its own detail page on EchelonGraph Pulse with the synthesized EG score.

What is the CVSS v3 score of GHSA-rrm4-c4hh-wqg7?

GHSA-rrm4-c4hh-wqg7 has a CVSS v3 base score of 8.2, published by GitHub Security Advisories.

GHSA-rrm4-c4hh-wqg7HighCVSS 8.2

Joomla! Component Ek Rishta 2.10 contains an SQL injection vulnerability that allows...

Vendor

GitHub Security Advisories

Published

May 26, 2026

Last Modified

May 26, 2026

🔗 CVE IDs covered (1)

CVE-2018-25348 →

📋 Description

Joomla! Component Ek Rishta 2.10 contains an SQL injection vulnerability that allows unauthenticated attackers to manipulate database queries by injecting SQL code through the cid parameter. Attackers can send GET requests to the user_detail view with malicious cid values containing SQL commands to extract sensitive database information.

🔗 References (6)

https://nvd.nist.gov/vuln/detail/CVE-2018-25348
https://extensions.joomla.org/extension/ek-rishta
https://www.exploit-db.com/exploits/44869
https://www.joomlaextensions.co.in
https://www.vulncheck.com/advisories/joomla-component-ek-rishta-sql-injection-via-user-detail
https://github.com/advisories/GHSA-rrm4-c4hh-wqg7