CVE-2025-26855

State: PUBLISHED · Published: 2025-07-18 · Updated: 2025-07-23 · Assigner: Joomla

Description

A SQL injection in Articles Calendar extension 1.0.0 - 1.0.1.0007 for Joomla allows attackers to execute arbitrary SQL commands.

CWE

CWE-89 — CWE-89: Improper Neutralization of Special Elements used in an SQL Command

Affected

joomcar.net / Articles Calendar extension for Joomla — v=1.0.0-1.0.1.0007 [affected]

CVSS

References

Source

cvelistV5-main/cves/2025/26xxx/CVE-2025-26855.json