VYPR
Critical severity9.8OSV Advisory· Published Jan 30, 2018· Updated Jun 17, 2026

CVE-2018-6376

CVE-2018-6376

Description

In Joomla! before 3.8.4, the lack of type casting of a variable in a SQL statement leads to a SQL injection vulnerability in the Hathor postinstall message.

AI Insight

LLM-synthesized narrative grounded in this CVE's description and references.

Affected products

2
  • Joomla/Joomla!OSV2 versions
    1.7.3, 2.5.0, 2.5.0_beta1, …+ 1 more
    • (no CPE)range: 1.7.3, 2.5.0, 2.5.0_beta1, …
    • (no CPE)range: <3.8.4

Patches

Vulnerability mechanics

References

3

News mentions

0

No linked articles in our index yet.