Unrated severityNVD Advisory· Published Apr 12, 2018· Updated Aug 5, 2024

CVE-2018-10063

Description

The Convert Forms extension before 2.0.4 for Joomla! is vulnerable to Remote Command Execution using CSV Injection that is mishandled when exporting a Leads file.

Affected products

Convertforms/Convertformsinferred
Range: <2.0.4

Patches

No patches discovered yet.

Vulnerability mechanics

AI mechanics synthesis has not run for this CVE yet.

References

www.exploit-db.com/exploits/44447/mitreexploitx_refsource_EXPLOIT-DB
extensions.joomla.org/extensions/extension/contacts-and-feedback/forms/convert-forms/mitrex_refsource_CONFIRM
www.tassos.gr/blog/convert-forms-2-0-4-security-releasemitrex_refsource_MISC

News mentions

No linked articles in our index yet.

cvss	0.000
epss	0.003
exploit	0.030
kev	0.000
patch	0.000
ransomware	0.000