VYPR

Zh Yandexmap

by Zh Yandexmap Project

CVEs (2)

  • CVE-2018-6604CriFeb 5, 2018
    risk 0.67cvss 9.8epss 0.03

    SQL Injection exists in the Zh YandexMap 6.2.1.0 component for Joomla! via the id parameter in a task=getPlacemarkDetails request.

  • CVE-2017-15966CriOct 29, 2017
    risk 0.67cvss 9.8epss 0.03

    The Zh YandexMap (aka com_zhyandexmap) component 6.1.1.0 for Joomla! allows SQL Injection via the placemarklistid parameter to index.php.