High severity7.1NVD Advisory· Published May 25, 2026· Updated May 26, 2026
CVE-2018-25380
CVE-2018-25380
Description
Joomla Component eXtroForms 2.1.5 contains an SQL injection vulnerability that allows authenticated attackers to execute arbitrary SQL commands through the filter_type_id, filter_pid_id, and filter_search parameters. Attackers can submit POST requests to the extroformfield view with malicious SQL payloads to extract sensitive database information and server data.
AI Insight
LLM-synthesized narrative grounded in this CVE's description and references.
Affected products
1- Range: =2.1.5
Patches
Vulnerability mechanics
References
4News mentions
0No linked articles in our index yet.