Multiple SQL injection vulnerabilities in the J2Store (com_j2store) extension before 3.1.7 for Joomla! allow remote attackers to execute arbitrary SQL commands via the (1) sortby or (2) manufacturer_ids[] parameter to index.php.
8.8AI Score
0.002EPSS
SQL injection vulnerability in the J2Store plugin 3.x before 3.3.7 for Joomla! allows remote attackers to execute arbitrary SQL commands via the product_option[] parameter.
9.8CVSS
9.9AI Score
0.006EPSS
The J2Store plugin before 3.3.13 for Joomla! allows a SQL injection attack by a trusted store manager.
8.8CVSS
9AI Score
0.001EPSS