VYPR

J2Store

by Joomla

CVEs (2)

  • CVE-2019-9184CriFeb 26, 2019
    risk 0.67cvss 9.8epss 0.09

    SQL injection vulnerability in the J2Store plugin 3.x before 3.3.7 for Joomla! allows remote attackers to execute arbitrary SQL commands via the product_option[] parameter.

  • CVE-2020-13996HigJun 9, 2020
    risk 0.57cvss 8.8epss 0.01

    The J2Store plugin before 3.3.13 for Joomla! allows a SQL injection attack by a trusted store manager.